Closing the data floodgates

I grew up in south Florida, probably one of the flattest places in the country. We had no mountains, hills or even mounds — nothing but flat in all directions. There was one diversion from the flat when I was a kid — an odd ravine along a residential street. We referred to it as the “deep deep” and drove by for a look every chance we got.

Over 30 years ago, I moved to Atlanta, a land of hills and valleys. My house backs up to a floodplain area with a ravine that makes the “deep deep” in Miami look small by comparison. Since I see it every day from my window, I really don’t think much about it anymore.

So, what does this reminiscence have to do with preventing data loss? I would suggest that the underlying problem is the same. Companies concerned about losing key data, such as the elements regulated by HIPAA and PCI, begin watching their communication channels (email, USB drives, etc.) for the presence of such data, and filter out the critical items. It seems an easy task at first, but after the hundredth email message, their eyes glaze over, causing them to miss data items, just like me looking out my window, and no longer noticing my ravine. Thus, there is a legitimate need for some automated approach to monitoring communication channels for inappropriate data. Continue reading “Closing the data floodgates”

Data breaches can be prevented with one simple solution

There have been so many major data breaches over the past year or two that it’s hardly even news anymore when millions of customer accounts are compromised. We’ve become jaded, and just expect that attackers will find a way to penetrate our networks and steal our data. The reality, however, is that there is one simple thing companies—and individuals—can do that will prevent the vast majority of data breaches: two-factor authentication.

“While people may claim that the attackers in these breaches are advanced, sophisticated, or state-sponsored, their actual execution is quite simple in nature,” declared Jon Oberheide, co-founder and CTO of Duo Security. “Simple phishing and other credential theft attacks have not only been the initial entry vector to these companies, but also how attackers move laterally within an organization to reach their eventual target.”

Oberheide warns that companies are setting themselves up for attack if they don’t implement two-factor authentication. “It’s expected that attackers will take advantage of that and find the path of least resistance.” Continue reading “Data breaches can be prevented with one simple solution”

Cisco unveils three DNA network security technologies

Cisco has announced three new technologies for its Digital Network Architecture (DNA) solution to enable network engineers, application developers, channel partners, and IT customers to embed improved and simplified security within their network infrastructure layer: Umbrella Branch, Stealthwatch Learning Network License, and Meraki MX Security Appliances with Advanced Malware Protection (AMP) and Threat Grid.

All three are designed to improve mobility and cloud security threats, according to the networking giant.

The first technology, Cisco’s Umbrella Branch cloud-delivered security software, provides businesses with increased control over guest Wi-Fi usage via content filtering. It can be activated on the Cisco Integrated Services Routers (ISR) 4,000 series, and works to filter and block malware, command and control (C2) callbacks, and phishing threats before they reach the network.

The company’s second new DNA security technology, the distributed machine-learning Cisco Stealthwatch Learning Network, was acquired as part of Cisco’s $452 million Lancope purchase. Continue reading “Cisco unveils three DNA network security technologies”

What’s the Biggest Threat to Data Security?

Chief information security officers at banks say their top priority is keeping data of all kinds (customer, employee, credit, performance, you name it) safe from attacks. They answered candidly when we asked who or what the greatest risks are.

Too Much Data Everywhere

There’s a huge pool of data out there that is hard to protect, and it also provides attackers with lots of ammunition.

“The more data out there, the higher the risk,” says Dominic Venturo, chief innovation officer at U.S. Bank in Minneapolis. “Even with things like PCI, we still see data breaches. We’ve also got this old system of user ID and password and the fact that consumers are reusing that data all over the place. On top of that, even when they don’t reuse them, passwords that are human-friendly are often insecure or easy to guess.” Continue reading “What’s the Biggest Threat to Data Security?”

The CSO 2016 Security Data Analytics Survival Guide

Is big data security analytics still a thing? A handful of years ago security and big data were mentioned in the same breath as one might say peanut butter and jelly, and big data security analytics was the buzz phrase that was buzzing the most loudly in every corner of the security industry. Perhaps the security big data analytics hype machine hit its most fevered pitch in 2013.

Today, we don’t hear quite as much about “security big data.” But that doesn’t mean that it’s no longer relevant. To tweak a phrase familiar from Gartner, the hype is cycling down from the peak of inflated expectations and, hopefully, heading to the plateau of productivity.

Big data security analytics is about using security analytics to improve security and obtain value from cybersecurity efforts. It’s about helping security teams to focus on the threats, vulnerabilities, and security controls that matter.