As the calendar pages turn toward the end of October, the thoughts of children around the nation drift to the spooky horrors that haunt the night. Zombies, werewolves and vampires haunt their young dreams. IT professionals also lay awake into the wee hours of the evening, but different kinds of terrors stalk them in their sleep. Hackers, spyware and advanced persistent threats lurk behind the dark corners threatening the confidentiality, integrity and availability of information and systems under their care.
The history of malicious actors in the world of computing is long and dark, dating back three decades and filled with the lore of history and deceit. Let’s take a look back through the rogue’s gallery of IT threats and dissect seven of the most notorious rogues to strike the Internet.
Read the full article: The IT Rogues Gallery
Published October 30, 2015 in Certification Magazine
As enterprises around the world adopt cloud computing strategies, personally identifiable information, health records, credit card numbers and other regulated data increasingly pass through the control of a wide range of service providers. Organizations adopting cloud-based services must take time to understand the compliance ramifications of cloud computing decisions and move forward in a manner that maintains compliance with applicable regulations. Compliance doesn’t necessarily need to slow down cloud adoption, but it should remain a high priority in a cloud-enabled IT environment.
Security and compliance professionals should understand the shared responsibility model that underlies cloud computing, data locality issues, the impact of cloud services on security operations and the assessment and compliance practices that must accompany cloud migrations.
Read the full story: Compliance in the Cloud
Published October 29, 2015 in Information Security Magazine
How confident are you that your network is secure and that hackers aren’t lurking on a server, lying in wait to attack? Many organizations simply don’t have the information required to provide managers with a confident answer to this question.
Vulnerability assessments provide organizations with important insights into their security posture, including a detailed examination of active infections and weaknesses that might allow an attacker to gain a foothold on the network. Security managers can use the results of well-designed assessments to prioritize remediation for areas with the most significant vulnerabilities, enabling the highest possible return on investment. Comprehensive vulnerability assessments engage highly qualified staff using a variety of modern tools.
Read the full article: Vulnerability Assessments Reveal Security Weaknesses
Published October 29, 2015 in StateTech Magazine
Organizations around the world are quickly moving IT services to cloud computing platforms in an attempt to meet a wide range of business needs. From outsourcing email and calendaring to a user-friendly and cost-effective SaaS platform to wholesale adoption of infrastructure-as-a-service (IaaS), enterprise IT is clearly undergoing a major transformation. As services migrate to the cloud, there is high demand for security professionals experienced in adapting existing security controls to cloud environments. How can organizations gauge whether their existing security staff and potential hires have the knowledge required to operate effectively in a cloud-based environment?
The International Information Systems Security Certification Consortium ((ISC)2) and the Cloud Security Alliance (CSA) recently banded together in a unique partnership designed to solve this problem for the industry. As the producers of the Certified Information Systems Security Professional (CISSP), the industry’s gold standard security certification, (ISC)2 brings substantial certification expertise to the table. CSA, on the other hand, has a long background in developing and promoting cloud security standards. The product of their collaboration is the new Certified Cloud Security Professional (CCSP) credential.
Read the full article: Exploring the Certified Cloud Security Professional (CCSP) Certification
Published October 19, 2015 in Certification Magazine
I had the opportunity to participate on two interesting panels at this year’s AWS re:Invent conference. The first was a panel of five organizations moving their organization’s IT operations to the cloud:
Later in the week, I joined Bob Micelli of King County, Washington for a fireside chat focused on organizational transformation:
Over two thirds of the servers running Internet-facing websites run variations of the Linux operating system, according to W3Techs Web Technology Surveys. If your organization is among this large group, do you have the skills that you need to properly secure these systems? Failure to implement strong Linux security safeguards may lead to website defacements or, in the worst case, provide hackers with a launching pad to wage an attack against sensitive information stored on your internal network. Organizations running Linux servers must have competently trained security teams with the skills required to harden those systems against attack.
Linux security certifications provide IT professionals with a standardized way to demonstrate their system defense skills to potential employers. These certifications may be narrowly focused on Linux security, but they cover a wide range of topics within that domain! Students studying for a Linux security certification will cover ground including firewalls, network security, encryption, application and operating system patching and other important topics. Candidates who go on to pass the exam will be able to leverage these skills in an increasingly competitive employment market and stand out from the crowd when competing for lucrative Linux security engineering positions.
Read the full article: Linux Security Certifications
Published October 7, 2015 in Certification Magazine
Security vulnerabilities exist in every organization. The sheer volume of operating system, application and infrastructure security alerts announced each day means that there could be dozens of security issues lurking in your environment, awaiting discovery. The reality is your technology environment likely contains more vulnerabilities than your team can correct before the next batch rears its head.
Vulnerability management tools help information security teams stay ahead of the rising tide of security issues in their organizations. They combine state-of-the art vulnerability detection capabilities with prioritization algorithms that help organizations identify the issues requiring immediate attention, so they can focus efforts on the vulnerabilities most likely to result in a breach.
Read the full story: Choose the best vulnerability assessment tools
Published 10/2/2015 on SearchSecurity.com
Village leaders in Northport, New York are wrestling with a serious decision about insurance this summer. In the wake of a January 2014 ransomware attack against the Northport Police Department, the village is now considering the purchase of a cyberinsurance policy. At a May meeting, the village’s Board of Trustees entertained a presentation covering the benefits of cybersecurity insurance to defray the costs of future security incidents.
While Northport may be considering cybersecurity insurance for the first time, these policies aren’t new. Over the past decade, insurance firms developed a variety of cyberinsurance products designed to cover this emerging area of risk facing many organizations. While cyberinsurance can’t prevent a breach or restore constituent confidence in an agency suffering a breach, the policies do allow agencies to transfer some of the financial burden of incident response to an insurance provider.
Read the full story: Security Save: Cyberinsurance
Published September 22, 2015 in StateTech Magazine
During the summer and fall of 2010, a quiet cyberwar erupted between Iran on one side and the United States and Israel on the other. The weapon, a computer virus known as Stuxnet, allegedly breached the networks of a sensitive nuclear fuel enrichment facility in Iran and caused an incredible amount of physical damage to the equipment contained within the plant. Reports are that the malware attack dealt a significant blow to the Iranian nuclear program and, although they never officially took responsibility, the attacking nations coyly suggested their involvement in the attack.
The Stuxnet incident fascinated technologists around the world for a number of reasons. In addition to being one of the first large-scale cyberwarfare attacks in history, Stuxnet also made several technical advances over existing malware. The virus creators carefully crafted Stuxnet to target the enrichment equipment at a facility in Natanz, Iran and designed it to covertly infiltrate the Natanz network, defeating existing security controls. This included beating air gap protection, a control typically found in sensitive industrial facilities.
Read the full story: Malware Jumps the Air Gap
Published August 17, 2015 on GoCertify.com
You’ve installed antivirus software on your computer and are careful to avoid sketchy websites. You should be safe from malware infection, correct? Unfortunately, new stealth techniques allow hackers to sneak malware past these rudimentary defenses in an approach known as “drive-by downloads.” In fact, users often fall victim to drive-by download attacks without even knowing that anything untoward occurred. Hackers use this technique to surreptitiously steal confidential information, disrupt system use or join systems to large botnets for use in distributed denial of service attacks.
When an attacker launches a drive-by download attack, he first compromises a well-known website visited by the attacker’s target audience. After gaining control of the site, the attacker is careful to leave both the look-and-feel and legitimate content on the site intact. Instead of performing a defacement attack to claim credit for the hack in a public way, the attacker instead places malware files on a hidden portion of the site. This malware then lurks in the background, waiting for a vulnerable target to visit the site and fall victim to the attack. The most insidious aspect of drive-by downloads is that they attack users where they feel most safe – known and trusted websites.
Read the full story: Drive-By Downloads
Published July 30, 2015 on GoCertify.com
Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.