WannaCry Makes Me Want to Cry!

As I read about the WannaCry ransomware attack, my brain is racing with thoughts about the causes and effects of this global incident. Here’s my two cents:

Topics: Cybersecurity endpoint security cybercrime AV ransomware

RIP Raimund Genes, Trend Micro CTO

I learned this past Saturday that my good friend and Trend Micro CTO, Raimund Genes, passed away suddenly last week. Raimund was only 54.

Topics: Network Security Cybersecurity endpoint security cybercrime

Remarkably, Many Organizations Still Opt for 'Good Enough' Cybersecurity

Late last year, ESG published a research report titled Through the Eyes of Cyber Security Professionals, in collaboration with the Information Systems Security Association (ISSA). As part of this report, 437 cybersecurity professionals and ISSA members were asked if they’d experienced a number of types of security incidents. The research revealed that:

  • 39% of organizations experienced one or several security incidents resulting in the need to reimage one or several endpoints or servers.
  • 27% of organizations experienced one or several incidents of ransomware.
  • 20% of organizations experienced one or several incidents resulting in the disruption of a business application.
  • 19% of organizations experienced one or several incidents resulting in the disruption of a business process.

Topics: Cybersecurity malware CISO cybercrime ISSA

FireEye Myth and Reality

Some tech companies are always associated with their first acts. Dell just acquired my first employer, EMC Corporation, in order to expand its enterprise portfolio, yet the company will always be linked with personal computers and its founder’s dorm room. F5 has become a nexus that brings together networks and applications but will always retain the moniker of a load balancing company. Bit9 has established itself as a major next-generation endpoint player, yet some people can only think of its original focus on white listing.

Topics: Network Security Cybersecurity malware cybercrime Anti-malware

Book Report: Future Crimes

Future Crimes by Marc Goodman details the dark side of technology, examining how new technologies are used and abused for criminal purposes. In just under 400 pages, Goodman provides some basic historical background on computer security and then guides the reader through a cybercrime journey spanning consumer, industrial, medical, and various other technologies.

Topics: Cybersecurity cybercrime

Incident Response: More Art than Science

Five to ten years ago, the cybersecurity industry was mainly focused on incident prevention with tools like endpoint antivirus software, firewalls, IDS/IPS and web threat gateways. This perspective changed around 2010, driven by Google Aurora and the subsequent obsession with advanced persistent threats (APTs).

Topics: Cybersecurity incident response cybercrime NIST

Black Hat Is About Cybersecurity People and Processes

Over the past few years, the RSA Security Conference has become a marquee technology industry event. It has really outgrown its humble roots in cryptography and Layer 3 and 4 packet filtering – now RSA is where technology industry bigwigs meet, drink exquisite Napa Valley wine, get a broad perspective of the cybersecurity industry, and do deals.

RSA’s emergence as a “must-attend” technology industry event is a good thing on balance. For one week of the year, business, government, and technology leaders descend on San Francisco and shine a spotlight on the global state of cybersecurity. But while this attention is a good thing, RSA has evolved into a high-level affair, focusing on the “why” questions surrounding cybersecurity.

Enter Black Hat, which takes place next week in Las Vegas. Rather than concentrate further on “why” questions, Black Hat is where you go to explore “how.”

Topics: Cybersecurity Black Hat cybercrime

Measuring the Quality of Commercial Threat Intelligence

In my most recent blog, I described how a recently published ESG research report on threat intelligence revealed a number of issues around commercial threat intelligence quality. As part of a recent survey of cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees), ESG found that:

Topics: malware cybercrime

Cybersecurity Views from a National Intelligence Officer

I participated in the Cyber Exchange Forum earlier today, an event sponsored by the Advanced Cyber Security Center (ACSC). The featured speaker was Sean Kanuck, National Intelligence Officer for Cyber Issues, Office of the Director of National Intelligence. In this role, Sean directs the production of national intelligence estimates (for cyber-threats), leads the intelligence community (IC) in cyber analysis, and writes personal assessments about strategic developments in cyberspace.

Topics: Information Security Cybersecurity cybercrime

Enterprise Organizations Are Taking Steps to Improve Cybersecurity Analytics

Last week, online retail giant eBay announced that it was hacked between February and March of this year with stolen login credentials of an eBay employee. This gave the hackers access to the user records of 145 million users including home addresses, e-mail addresses, dates of birth, and encrypted passwords. It appears that the hackers made copies of this data so eBay is advising all users to change their passwords.

Topics: IBM Big Data Cisco Information and Risk Management FireEye Dell endpoint Security and Privacy Security SIEM LogRhythm Leidos Blue Coat RSA Security SDN Bit9 cybercrime