As 2016 comes to a close, instead of discussing the past breaches and security issues of 2016, it’s time to start thinking about what challenges we will face in 2017. Monitoring major security trends and predictions can help your security program stay ahead of any potential threats, and anticipate where the cyber industry is going.
We asked several of our top leadership at NTT Security about 2017, and what security trends or predictions they may have. Below we list several trends to watch out for in the next several months:
Jon Heimerl, Manager, Threat Intelligence Communication Team, NTT Security
- Resurgence in Hacktivism
As 2016 closes, political unrest has increased in several parts of the world for a variety of reasons. For example, the U.S. presidential election highlighted partisan disagreements, the European Union is struggling with...
‘Twas 12 Days Before Theft Season
‘Twas 12 days before Theft Season, when all through the smart house,
Not a device was active, not even an IoT mouse.
The device that you bought from a random seller online,
That shipped from far-far away, had arrived in due time.
It was the gift that she begged for, pleaded and wined,
The one that she pined for, for six months’ time.
Not finding the original, this knock-off will do,
She must be happy, she is my princess; what would you do?
Being the perfect Dad, and wanting things right,
You plugged it in and charged it forthright.
Manuals read, it was ready to go,
But little did you know, this was only the beginning of the show.
As visions of your princess’ happiness lead you to a sound slumber,
The process was the first day of 12 days of havoc, 12 days of plunder.
The fiendish, deceitful, treacherous crew,
Of malicious actors, cleverly deceived you.
Their... read more >
Here’s the obvious answer…
If you’ve ever wondered whether your company should spend its hard-earned money on strengthening its cybersecurity posture, the answer is a resounding YES! But why? That’s what we are going to discuss today.
Cybersecurity companies have been saying it for years: “The question is not if, but when your company will be attacked.” At an increasing rate, these attacks come in the form of phishing emails, where an unsuspecting (often untrained) employee opens what appears to be a legitimate email and subsequently clicks on a malicious link. With two clicks, your company and its associated data are now open to the world. An attacker has free rein of your entire network, thanks to the unsuspecting employee who clicked on the malicious link.
Perhaps all too often the obvious answer is to fire the employee – or is it so simple?
Truth be told, had that employee received acceptable training from the time their... read more >
#WarStoryWednesday: Most incident response plans don’t survive first contact
This is not technically a war story, however, it is an experience that I would like to share. I recently attended an event featuring a speaker from a large company that had experienced one of the most high profile and extensive breaches in recent history. For the sake of the company I will not name them in this blog, but I do want to stress that the company is very large and the breach was extensive, affecting millions of customers and their entire network. What was interesting is that the speaker was from the company’s legal department, and as such, is not a “technical” person. This provided a brand new perspective to incident response.
In my line of work as an incident response analyst, working in a Managed Security Services Provider company, I routinely help companies that suffer from security incidents. I have first-hand knowledge as to how devastating such an event can be to a company. This speaker stressed that their company lost well over a billion... read more >
15 steps for a successful implementation
Implementing an ISO 27001, and subsequently ISO 27002 Information Security Management System (ISMS) is no small feat. It is a daunting task, disruptive to your organization and can also upset employees with necessary changes. How can your organization effectively implement a robust and successful security program?
The first step in determining whether your organization is ready for an ISMS is to ask, how will we benefit from this? Security professionals often overlook this step, but it is critical and can really encourage management's support of the program. It is not financially viable to pursue something that will not at some point increase the bottom line. Discuss whether your organization will retain or acquire customers based on the strength of the security program. Your organization may also experience a competitive market advantage or improve its reputation after implementation. Furthermore, not implementing a program could cause your organization to lose revenue,... read more >
Working from a strong foundation is the key to a successful security program
When a major security vulnerability is disclosed, everyone stops what they are doing and takes notice, especially when that vulnerability comes with its own logo. Now don’t get me wrong, newly disclosed vulnerabilities are important. They provide exciting opportunities for researchers and they do, if only temporarily, focus management’s attention on the often overlooked information security.
Don’t worry, this isn’t another blog about the pros and cons of vulnerability hype. Instead, I’d like to focus on the importance of keeping one eye on the basics, while the other is scrolling through the Twitter feed for the next upcoming disclosure. Because all too often, it is not the latest security vulnerability, but a failure to properly secure and deploy systems that is the root cause of a costly network breach.
Below are several recommendations to help keep your network more secure, and your company safe from new vulnerabilities (or old... read more >
ImageGate allows Ransomware Infection
With so many users accessing Facebook within corporate networks, it is imperative that your security team be up to date on current threats involving social media. A well-known piece of malware, Locky Ransomware, is spreading via Facebook Messenger by pretending to be a harmless image file. Since many companies allow employees to access Facebook, this presents a potentially massive hole in security programs.
The initial reports on this piece of ransomware show a commonality among the type of infection vector and approach used by the attackers. First, the user receives an instant message containing only an image file, or what appears to be an image file. It is usually titled generically with a .svg extension. A .svg (Scalable Vector Graphics) is an XML-based vector image, which is formatted for two dimensional graphics and support for animation and interactivity. These image files can be created and edited with any text... read more >