This week, as the World Economic Forum (WEF) met in Davos, Switzerland, cybersecurity took a key spot on the agenda. The World Economic Forum announced plans Wednesday for a new Global Centre for Cybersecurity. “The new Global Centre for Cybersecurity is designed as the first platform to tackle today’s cyber risks in a truly global manner,” Alois Zwinggi, managing director for the WEF, told CyberScoop. The new group is intended to facilitate increased public-private collaboration and information sharing on cyber threats. “Only through collaboration, information exchange and common standards can the global community successfully counter organized digital crime,” said a press release from the organization.
You can’t secure what you cannot see. That is a foundational step in eliminating threats to your security. It’s basic, but sometimes people are so overwhelmed by the danger inherent in digital danger that they’re determined to get to and excise the threat, any threat. So they go in with a hammer when they need a scalpel and with a flamethrower when they need a stun gun.
By the time you are face-to-face with a deleterious security threat, it is too late to find your center.
Here are some simple steps to identify the dangers that are legitimately threatening to your business. Think of it as a deep breath before taking a shot in basketball or before jumping into the water. You breathe, you open your eyes, you look at your environment with fresh eyes, you register situational awareness, then you strike.
Congratulations. It’s July. Summer has started and the unofficial half-year checkpoint for most companies is upon us. So we think it’s the perfect time to flip through our notes and take a look at the IT Security trends that were predicted at the beginning of 2015 and see how we did.
Most security monitoring practices focus primarily on reactive security, alerting security teams when a possible attack has been detecting on their network so that they can react to it and try to stop the intruders before any damage is done. The problem with this method is that the longer it takes to detect an attack, the more it will cost to fix it. The longer the attacker is inside your network, the more of a chance it has to find sensitive information.
We’ve rounded up five security tools you can download and start using now.
You can’t secure what you can’t see. Creating an inventory of authorized and unauthorized devices is an important best practice for security professionals. In fact, it’s the number one recommendation on the list of SANS/CIS Critical Security Controls.
2014 marked the year of more high-profile attacks. Victims include JP Morgan Chase, Home Depot, and most recently Sony Pictures Entertainment. Hackers want to steal as much data as possible, but they also want to make a statement. This was especially demonstrated with the hack on Sony Pictures. The hackers, who identified themselves as the Guardians of Peace, hacked into employee computers at the movie studio and posted a warning on the desktop. The warning threatened that all of Sony’s internal data would be released if Sony did not meet the hackers’ demands. The hackers released thousands of Social Security numbers and other personal employee data. Government agencies will demand to know what happened to cause this data breach, and top executives will have to answer.
In November, EIQ released the results of its annual Security Monitoring and SIEM study about priorities and challenges for information security in 2015. The results pointed to a lack of confidence in existing security technologies and the difficulties in obtaining budget and specialized talent to effectively protect information systems. ‘Data Breach’ was the top concern: close to 90% of IT security pros across industry sectors indicate “Concern” or “High Concern” they will face a data breach in 2015. Given that 2014 is well on its way to replace 2013 as the highest year on record for exposed records, our finding were not at all surprisingly. And as we review analyst and media trend reports for 2015, we see we are not alone.
Gartner just held its annual Security and Risk Management Summit, and has identified the top security challenges and threats companies will likely face over the next year. A recent article in NetworkWorld picks up on many of the findings and takeaways as organizations look to fortify their security in response to ongoing persistent threats.