In a blog post I wrote in August — The most important attributes of a cybersecurity platform — I listed the eight attributes that my colleague Doug Cahill and I believe are critical for a cybersecurity technology platform. The blog post also ranks the eight attributes according to a recent survey of 232 cybersecurity professionals working at enterprise organizations (i.e. those with more than 1,000 employees). It was recently pointed out to me that while I listed the attributes, I did not define them. My apologies for the oversight, so here again is the list of attributes (along with the percentage of survey respondents that rated them as most important) along with definitions for each one. Coverage that includes major threat vectors such as email and web security (38%). Any security researcher will tell you that at least 90% of cyber attacks emanate from phishing emails, malicious attachments, or weaponized URLs. A cybersecurity platform must apply filters … [Read more...] about 8 features a cybersecurity technology platform must have
Industrial control systems (ICS) are designed to operate and support critical infrastructure. They are used heavily in industrial areas such as energy and utilities, oil and gas, pharmaceutical and chemical production, food and beverage, and manufacturing. Attacks on such systems can cause major damage. The 2015 hack of Ukraine’s power grid caused a blackout that affected over 200,000 people. Whether ransomware, botnets, cryptominers, or something more destructive, malware targeting such systems continues to proliferate. According to Kaspersky Labs, over 40 percent of ICS computers it monitors were attacked by malicious software at least once during the first half of 2018. According to a new report from CyberX, industrial organizations are doing themselves no favors and making themselves easy targets. The report, 2019 Global ICS & IIoT Risk Report, analyzed real-world network traffic data from 375 production ICS networks worldwide to get a view into existing vulnerabilities … [Read more...] about The state of ICS and IIoT security in 2019
The 2018 Verizon Data Breach Investigations Report says most hacks still happen through breaches of web applications. For this reason, testing and securing applications has become a priority for many organizations. That job is made easier by a growing selection of application security tools. Below is a list of some of the best application security tools available, with descriptions of the situations where they can be most effective. To compile this list, we consulted several sources, including: IT Central Station list of security application testing tools (ITCS) (September 2018), which is based on its large community of IT professionals who personally use and rate the various products. Gartner’s Market Guide for Application Shielding (June 2017). Gartner’s Magic Quadrant for Application Security Testing (March 2018). The SecTools top 125 network security tools, which is continuously updated. While specific to network-oriented tools, a few are useful for testing apps as … [Read more...] about Top application security tools for 2019
Data breaches are commonplace now and there’s a growing realization that organizations need to do more to combat them and to deal with the aftermath. The potential cost of stolen data extends beyond cleanup operations to potential regulatory fines and reputational damage. Although there’s more awareness of the risks today, taking the right, comprehensive steps to safeguard data is harder than people imagine. It’s not unusual for companies to start out in the right direction but fall short in their efforts because one specific area is overlooked. Achieving a high standard of cybersecurity requires a thorough, holistic view of the risks and a robust, continuous effort. The truth is that many organizations do one or two things right and then put their feet up, content to bask in the warm, but erroneous sensation that they’re safe. Here are four common statements that indicate a false sense of security. The risk isn't that big Smaller businesses are incredibly good … [Read more...] about 4 dangerous security assumptions to avoid
If you need surgery, you want the surgeon that other doctors want to do their surgery. You want a surgeon who has been there, done that, and taken names. You don’t want a surgeon who is doing their first few surgeries or has too many negative outcomes. The surgeon you want is the one other surgeons want to learn from. With that in mind, I recently ran into a long-time cybersecurity friend, Carric Dooley, whom I’ve known going on 15 years. We both worked at Foundstone doing penetration testing and penetration testing education. We both worked together at Microsoft after Foundstone. Carric is a surgeon’s surgeon. He’s the whitehat hacker that other whitehat hackers want to be around and work with. He’s not only very good at what he does and is well-loved by his co-workers, but he understands the challenges of running a business while getting the very best, right-sized computer defense better than most. I hadn’t seen Carric in years when I stumbled across … [Read more...] about Is your security operations center TTP0?