J2SECOPS WEEKLY NEWS: This week in the J2 CSC, The Cloud, some of the colours of the rainbow, and my thoughts on GDPR.

As more organisations consume and offer services in the cloud, they constantly face the challenge of balancing customer experience and the increase of their surveillance capabilities. Enterprises are feeling the brunt of these changes. While cloud, in all its various guises, continues to shape digital strategies, how are security professionals adapting? Not just to cloud technologies, but also to the increased focus on privacy that the GDPR has brought within the overall context of a government that’s eager to increase its powers. Imagine for a moment; if you will, please indulge me on 3 major breaches and if GDPR was enforce –


J2SECOPS WEEKLY NEWS: This week in the J2 CSC, so many data breaches and we are seeing that cryptomining is the “new” ransomware.

It has been quite a ride over the past two weeks: many, many data breaches, and many agree cryptomining is becoming the “new” ransomware. I believe the new business model will most likely be: finding all your data online through a subscription service, detecting it, and removing it. I was also really happy to be stuck indoors this past weekend, with the storms here in Cape Town. Two things I am happy to report: one, the rain! And two, I could stay indoors and catch up on much-needed reading and research! A very happy and contented camper indeed.

And with this in mind, enjoy our roundup of stories for this week…

Want to catch up on some reading too?

Both McAfee and Kaspersky have released research reports. Both are freely available and don't need you to surrender any details to access them. Some good stuff from the research community.
McAfee's report shows that new coin miner malware jumped a huge 1,189% in the first quarter, while new ransomware attacks dropped 32%.
The decline of ransomware and the rise of cryptocurrency mining is a trend that Kaspersky has also seen in its recent report, Ransomware and malicious crypto miners in 2016-2018.

McAfee Labs threats report, June 2018 | McAfee 
Ransomware and malicious crypto miners in 2016-2018 | Securelist

Top Security Concerns On The Minds Of Millennials

So do millennials have the right perspective when it comes to cybersecurity? There are clear advantages to prioritizing these outlooks, rather than spending more money on IT or worrying about the potential of a hack. Additionally, millennials seem more aware and knowledgeable about the nature of cybersecurity, and the digital risks that companies face.

The 4 Top Security Concerns On The Minds Of Millennials |  Larry Alton

A SIEM is a SIEM is a USM Right?

Most other SIEMs come with default content and correlation rules, which are useless because they aren’t aware of what data is coming from the environment. Since our product includes our intrusion detection, asset discovery, vulnerability assessment, and behavioural monitoring in one cloud platform, we can make more effective correlation rules that are applicable across our environments. We have the advantage of knowing where the data is coming from, letting us write correlation rules that will work out of the box. USM also eliminates the work of integrating and maintaining multiple point security products.

SIEM Content Engineer - Why Is It a “Thing”? | Kate Brew


J2SECOPS WEEKLY NEWS: This week in the J2 CSC, The Birds and the Bees of Cybersecurity, Security by Design and a compendium of Funny Memes.

I am a massive fan of Jennifer Leggio, who has been in the security industry for 17 years as a marketer, advisor, and writer. Her focus is on security culture, including disclosure, community issues, equality in security, disruptive trends, and even marketing best practices, all subjects very close to my own heart. In a recent write-up she focuses on the key points from her Hack in the Box (HITB) Amsterdam keynote from a few weeks ago and covers some of the marketing fails in information security, including logos and branded vulnerabilities.

What are these, you may ask? Well, basically there are people who work towards reducing harm and those who contribute to harmful outcomes, and the latter tend to add to all the confusion, fear, uncertainty, and doubt that distracts or disrupts a security practitioner's ability to do his or her job.

Some key points that stand out for me – again Jennifer, this is some great stuff!

  • Speak with your management about creating an ethics or standards board.
  • Express the end state you want is more truth and better security.
  • Share that you are willing to support on a committee to provide guidelines.
  • Company doesn't have a coordinated disclosure policy? Build one.
  • Require credit for your work.
  • Call out marketers, but focus on sharing how to do better vs. focusing just on what sucks.

It needs to be an inclusive and interactive dialogue between technical and non-technical folks, with next steps and outcomes. If we build it, will you come?
And with this in mind, enjoy our roundup of stories for this week…

Where Do Cybersecurity Professionals Come From?

When a Mommy cybersecurity professional and a Daddy cybersecurity professional love each other very much they hug each other in a special way to help each other make little cybersecurity professionals.

If only it were so easy! If it were, we wouldn’t have nearly 2.2 million unfilled cybersecurity jobs on the horizon.

We wouldn’t have millions of kids struggling with online and social media addictions on one end of the spectrum and kids with no access to the Internet on the other. So while the straight answer is, we make them, the less straight answer is how?

Where Do Cybersecurity Professionals Come From? |  Pete Herzog

Security by Design: The Network

Security by design is about designing secure environments with clear goals underpinned by real-world constraints. Realistic assumptions and constraints in terms of business, personnel, staffing complement, their abilities, the IT environment and the entire ecosystem are all critical steps in the security by design process.
I really enjoyed this detailed take on the logic behind this very misunderstood concept.

Secure by Design: The Network |  Devon Taylor

The Best and Funniest Security Memes

AlienVault recently ran a contest on Twitter to collect the best InfoSec memes from the community. I really had to chuckle at some of these in the compendium blog of funny as well as educational security memes. Since her blog on IT jokes from 2015 was so well received, maybe this meme thing will catch on too!

The Best and Funniest Security Memes | Kate Brew


J2SECOPS WEEKLY NEWS: This week in the J2 CSC, Lest we forget: the insider threat.

Just before midnight last Sunday evening (June 17, 2018), Elon Musk sent an email to all staff. He was dismayed, he said, to learn about a Tesla employee "making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties." However, in information security terms, an insider stole sensitive documents from Tesla. The motive is not as important as the act. It seems that Tesla does not operate adequate least-privilege measures, and does not have an internal traffic monitoring system capable of detecting and blocking the unsanctioned exfiltration of gigabytes of data. This failure has left Tesla with a PR nightmare that it must now manage, and the incident has also had an impact on the company's share price, which dropped more than 6% in trading at the time of writing.

And with this in mind, enjoy our roundup of stories for this week…

Tesla Breach: Malicious Insider Revenge or Whistleblowing?

Just before midnight last Sunday evening (June 17, 2018), Elon Musk sent an email to all staff. He was dismayed, he said, to learn about a Tesla employee "making direct code changes to the Tesla Manufacturing Operating System under false usernames and exporting large amounts of highly sensitive Tesla data to unknown third parties."

Malicious Insider Revenge or Whistleblowing? |  Kevin Townsend

When Bug Bounty Disclosure goes bad

There are vulnerabilities everywhere. You are a cybersecurity researcher, you follow the bug bounty program process and share your finding responsibly with the vendor, and the vendor fixes the issue, but instead of sending the chopper over to you with a care package, they pretend you don't exist. Now what do you do?

Vendors, Disclosure, and a bit of WebUSB Madness |  Markus Vervier

How Edward Snowden made us think about and forget the Insider Threat

Five years ago, the news media went into a frenzy after The Guardian revealed details about National Security Agency (NSA) surveillance activities. The news was based on classified documents that former NSA IT contractor Edward Snowden stole while he had privileged access to NSA systems and data. It provided clarity on exactly how powerful the NSA’s information collecting machine was. It also gave new life to the “insider threat.”

Snowden illuminated how nefarious employees and contractors operate. He also cast a shadow over an additional class of insider threat made up of privileged users that includes employees, contractors, partners and executives that operate with their organizations’ best interests in mind. Since Snowden, this “trusted insider” segment has gone underappreciated with respect to the risk it is driving and the resources it deserves.

Five Years Later: Never forget the insider threat | Dtex Systems


J2SECOPS WEEKLY NEWS: This week in the J2 CSC, I’ll take the win, especially considering how few and far between victories can be; as we look at collaboration and its positive inroads into global Cybersecurity ills.

I received an email this morning from a long-time customer, you know the one, the potentially dreaded “We have been compromised!”, which quickly took a really unexpected turn. I don’t think we as cybersecurity professionals spend enough time discussing the wins; I think we spend way too much time on the losses.

The email had the Subject Line: “Thank You” and ominously started with: “Gentlemen,”

It then continued: “As you know, we successfully (and highly so) thwarted a potential Ransomware attack. The succinct and active automated response from our technology platforms along with J2, promptly followed by mails and calls from your team”.

“This in itself is a testament to the phenomenal service and response time of j2, but upon further inspection, it would appear that the Ransomware in question had its latest update on the same day as the detection date, which means not only did we as Security Team respond and stop a potential catastrophe, it was with a zero-day attack!”

It finally concluded: “Hats off to your team, it has been, is and will be for a long time to come, an absolute pleasure to partner with you on our digital security adventure.”

My first thought went back to the conversation when this incident occurred, and my first instinct at the time was to think about all the things that could have gone wrong, to better understand the attack vectors, what could have been done differently, and what we could have done better. Then I had a moment of enlightenment: this was a win! Through a combination of technology, people and, specifically, collaboration, automation or AI, we were collectively able to thwart the attack, so we should take a moment to enjoy this brief moment in time.

So this one goes out to all the crazy ones, the misfits, the rebels, the troublemakers and the customers that have to put up with this mad lot and that get up each and every day and fight the good fight.

I think the quote by Rob Siltanen is quite appropriate to celebrate this one small step:
“Here's to the crazy ones. The misfits. The rebels. The troublemakers. The round pegs in the square holes. The ones who see things differently.
They're not fond of rules. And they have no respect for the status quo. You can quote them, disagree with them, glorify or vilify them.
About the only thing you can't do is ignore them. Because they change things. They push the human race forward. And while some may see them as the crazy ones, we see genius.
Because the people who are crazy enough to think they can change the world, are the ones who do.”

I’ll take the win!

And with this in mind, enjoy our roundup of stories for this week…

When Data-Centric Security is the “Secret Sauce” of Cybersecurity

As the name implies, data-centric security protects information at the data level instead of just protecting devices, applications and the perimeter. Data-centric security allows companies to automatically enforce adaptive usage controls on sensitive information, and critical systems; not only controlling who can access information, but what actions (view, edit, copy, print, share or screen share) are allowed once access is given and from which device or geo.

Collaboration is essential - from working with vendors to third-party contractors, it is key to getting the job done and staying competitive.
While data security may not be equally top of mind for companies across all industries, the proof is in the numbers - companies in every industry must be prepared.

Protecting Your ‘Secret Sauce’ - Why Data-Centric Security Is Key | Vishal Gupta

Cybersecurity collaboration is key to dark web deterrent

Vigilance remains high as cyber intelligence experts anticipate the next big ransomware threat.
As well as adding more patches, experts say companies and public bodies need to collaborate more to tackle the threat from leaked cyber weapons.
It is estimated that at least a dozen NSA tools are being discussed and worked on by hacking forums on the dark web.

Cyber security collaboration is key to dark web deterrent |  The Financial Times

Cyber security demands change in approach

We are already witnessing a coming together of sorts of technologies and their application, such as AI and people, where systems together with people act and provide analytic data that indicates ransomware attacks and whether they are successfully exploiting weaknesses within the organisation at this very moment.

Already we are seeing a paradigm shift in incident response which fundamentally differs from our prejudiced understanding. Incidents are already becoming the mere possibility of a breach. Incidents are the proactive insights and remediation through active collaboration between technology, people and AI.

Cyber security demands change in approach | Warwick Ashford

Copyright © 2018 J2 Software