My Thoughts on the NY Times Security Breach

As a former New Yorker and regular reader of the New York Times, I was appalled when I read about the recent security breach yesterday. Appalled but not surprised. Regardless of the security talents and controls implemented at the NY Times, the bad guys were easily able to find a back door or open window and get inside.

Advanced Malware Protection: Network or Host?

Large organizations have legitimate cause for concern. Malware creation and proliferation is increasing rapidly as cyber criminals and state-sponsored organizations create the next round of APTs, botnets, Trojans, and rootkits. What's more, we've entered the era of micro attacks designed to compromise a targeted organization, business unit, or individual.

Cybersecurity Legislation and APTs

We are entering a new phase in the lengthy cybersecurity legislation saga. Last Thursday, Senators Lieberman (I-CT), Collins (R-ME), Rockefeller (D-WV), and Carper (D-DE) introduced the revised Cybersecurity Act of 2012 out of the Homeland Security and Government Affairs Committee. Old name, but the new bill (S.3414) is a true compromise. Rather than mandating that critical infrastructure organizations comply with a DHS cybersecurity framework, the new bill provides incentives to organizations that comply with cybersecurity best practices voluntarily. Furthermore, the new bill borrows from the best of the Republican-sponsored alternative, SecureIT Act, as well as some of the more palatable measures outlined in the controversial CyberInformation Sharing & Protection Act (CISPA).

As of today (Monday, July 23, 2012), there is no schedule for debate or a vote, but President Obama already declared his support for the new bill and publicized his opinion in the Wall Street Journal.

The Advanced Malware Detection/Prevention Market

I've been thinking a lot about the Advanced Malware Detection/Prevention (AMD/P) market lately. This market is most often associated with Advanced Persistent Threats (APTs) and vendors like Countertack, Damballa, FireEye, Invincea, and Trend Micro.

Cybersecurity Bill Soap Opera

It's been about a month since I last blogged about cybersecurity legislation, so here's a brief review of where we stand.

Should Congress Pass Cybersecurity legislation? Let Us Know What You Think!

In my most recent blog, I got on my soapbox and stated my opinion that Congress should pass cybersecurity legislation to better protect U.S. Critical Infrastructure as soon as possible.

Note to Congress: Pass Cybersecurity Legislation Now

Earlier this week, the Senate Homeland Security and Government Affairs Committee (HSGAC) introduced a cybersecurity bill that would outline the Department of Homeland Security's responsibilities for overseeing cybersecurity at privately-owned critical infrastructure organizations.

Cybersecurity Lessons from the Battlefields of Europe

At the beginning of WWI, battlefield tactics had not advanced much since the U.S. Civil War. The general goal was to continually advance on the enemy with waves of infantry attacks and eventually break through the lines by overwhelming enemy defenses.

ESG Video Highlights APT Research

I've written many blogs about the recently-published ESG Research Report, U.S. Advanced Persistent Threat Analysis, but there is a lot of data I haven't detailed. Since I can talk faster than I can type, ESG just posted this video that highlights the report data and some of its most important implications.

2012 Should Be The Year Of Security Incident Response

According to ESG Research, 20% of large organizations are certain that they've been the target of an APT attack while another 39% say that it is likely they have been targeted. Can organizations detect and react to sophisticated attacks like APTs?
