Balancing the Sharing of Information

CyberSecurity Journal

Subscribe to CyberSecurity Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get CyberSecurity Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

A key challenge that retailers face today is the difficulty of accurately judging where they are on the digital maturity curve relative to their competitors. There appears to be little expertise in making this assessment; for example, 79% of digital leaders don't know they are ranked as leaders, and only 56% of retailers ranked as average in our study believe they are at this level. The other 44% in the average category mistakenly believe they are either leaders or laggards. The lack of competitive clarity makes it even more difficult to develop an effective competitive strategy. Our research suggests that retailers' plans reflect neither self-awareness nor a realistic idea of what it will take to catch up or leapfrog their competitors in this highly competitive space. Namely, factors such as online sales penetration, business performance, attitudes about digital, pl... (more)

[session] A Live Hack Simulation | @CloudExpo @VinnyTroia #AI #DX #Security

Know Your Adversary: A Live Hack Simulation Using NSA's Stolen Digital Weapons When NSA's digital armory was leaked, it was only a matter of time before the code was morphed into a ransom seeking worm. This talk, designed for C-level attendees, demonstrates a Live Hack of a virtual environment to show the ease in which any average user can leverage these tools and infiltrate their network environment. This session will include: An overview of the Shadbrokers NSA leak situation A review of the first iteration of the malware - lifecycle, how it was stopped, etc. A review of iterations of the malware Some states on machines still accessible (via Shodan stats) In his session at 20th Cloud Expo, Vinny Troia, CEO of NightLion Security, will also include a live hack simulation. This will be pre-recorded but he will walk the audience through what is happening. He will cov... (more)

Insource or Outsource the SOC | @CloudExpo #AI #SOC #Security #Analytics

These days attacks are becoming more sophisticated and more common. Mobile devices, cloud computing and the Internet of Things have increased the number of access points that must be secured. To complicate matters, CISOs are been directed to secure system without compromising the seamless experience that customers expect across channels, and if the organization is in a regulated industry, compliance issues likely increase the team's workload. To best detect threats and respond to incidents quickly, many organizations decide they need a security operations center to provide proper protection and continuous prevention. Then they must decide whether to build an internal Security Operations Center (SOC) or outsource. Advantages and Disadvantages of an Internal SOC The advantages of building an internal SOC include: A dedicated staff that knows the particular environment a... (more)

How to Turn Your Microwave into a Camera | @ThingsExpo #IoT #M2M #Security

You can turn a microwave into a camera and I’ll teach you how in a minute, but before I do, let me share this news item. In a recent interview with a reporter from the Bergen Record, Kellyanne Conway was asked about surveillance. She responded: “There are many ways to surveil each other now, unfortunately. There was an article this week that talked about how you can surveil someone through their phones, certainly through their television sets, any number of different ways. And microwaves that turn into cameras, etc. So we know that that is just a fact of modern life.” On its face, her statement about “microwaves that turn into cameras, et cetera” is ridiculous. It reminds me of the late Sen. Ted Stevens’ famous “Tubes” speech. I went right after “Uncle Ted” for his techno–faux pas, but even then, there were bigger issues to consider. It would be exceptionally easy ... (more)

[video] #IoT Security with @SecureChannels | @ThingsExpo #BigData #AI #M2M

"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The World's Largest "Cloud Digital Transformation" Event @CloudExpo / @ThingsExpo 2017 New York (June 6-8, 2017, Javits Center, Manhattan) @CloudExpo / @ThingsExpo 2017 Silicon Valley (Oct. 31 - Nov. 2, 2017, Santa Clara Convention Center, CA) Full Conference Registration Gold Pass and Exhibit Hall ▸ Here Register For @CloudExpo ▸ Here via EventBrite Register For @ThingsExpo ▸ Here via EventBrite Register For @DevOpsSummit ▸ Here via EventBrite Sponsorship Opportunities Sponsors of... (more)

Should You Fear #ArtificialIntelligence | @CloudExpo #BigData #IoT #AI #ML

Opining about the future of AI at the recent Brilliant Minds event at Symposium Stockholm, Google Executive Chairman Eric Schmidt rejected warnings from Elon Musk and Stephen Hawking about the dangers of AI, saying, “In the case of Stephen Hawking, although a brilliant man, he’s not a computer scientist. Elon is also a brilliant man, though he too is a physicist, not a computer scientist.” This absurd dismissal of Musk and Hawking was in response to an absurd question about “the possibility of an artificial superintelligence trying to destroy mankind in the near future.” Schmidt went on to say, “It’s a movie. The state of the earth currently does not support any of these scenarios.” If You Ask the Wrong Question … Hal 9000 (2001: A Space Odyssey), WOPR (War Games) and Colossus (The Forbin Project – it’s a 70’s B-budget disaster/thriller; look it up) are all pure ... (more)

DDoS Mitigation | @CloudExpo @WebairInc #IoT #Cybersecurity #DataCenter

Download Slide Deck: ▸ Here Download Slide Deck: ▸ Here Multi-Layer DDoS Mitigation Strategies As DDoS attacks evolve to become more sophisticated and complex, they have also become much more difficult to combat and block. To protect customer applications from these damaging and costly incursions and safeguard mission-critical services, a multi-layer mitigation strategy should be employed. This strategy offers protection in several different ways: mitigating attacks from the server level to the application level as well as securing both the Linux OS and firewall layers. Using open source software also provides protection over and above the server stack, while third-party systems can be effectively utilized to provide an even larger-scale cloud mitigation solution. Download Slide Deck: ▸ Here In their session at 18th Cloud Expo, Sagi Brody, Chief Technology Office... (more)

When Things Attack! | @ThingsExpo #IoT #M2M #API #Security

As I started writing this blog, I happened to be watching an episode from the new season of Black Mirror on Netflix. Black Mirror is a Sci-Fi anthology series, ala the Twilight Zone, although with a much darker perspective on both humanity and technology. I found the episode, ‘Most Hated in the Nation' somewhat apropos to my topic. The episode follows a police detective investigating the apparent murder of a columnist. This individual has been deluged with social media hate diatribes that would seem familiar to many. As the investigation continues, more mysterious deaths occur, with the victims all being targets of similar social media anger. Meanwhile, in the background, there are various news stories and visual cuts to ADIs (Autonomic Drone Insects). These tiny bee-like drones are being deployed throughout the country to replace the dying bee population, allowing ... (more)

Why Healthcare IT Teams Love Intelligent Deception | @CloudExpo #Cloud #Cybersecurity

The healthcare industry is not immune from today's relentless wave of cyberattacks. Cyber theft of protected health information (PHI) is on the rise, and health organizations understand that 100 percent prevention of attacks is not realistic. According to Ponemon Institute's Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data report, nearly 90 percent of all healthcare organizations have suffered at least one data breach in the last two years. According to another report, 88 percent of ransomware attacks in Q2 2016 were on healthcare entities. Traditional prevention and detection techniques are falling short, and healthcare IT professionals are scrambling for new approaches that can more effectively detect attacks and mitigate the growing risks and damage. Emerging on the scene, deception-based solutions offer a proven way to stop attackers in the... (more)

Cloudbric to Exhibit at @CloudExpo | @Cloudbric #IoT #Cyberaware #InfoSec

SYS-CON Events announced today that Cloudbric, a leading website security provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Cloudbric is an elite full service website protection solution specifically designed for IT novices, entrepreneurs, and small and medium businesses. First launched in 2015, Cloudbric is based on the enterprise level Web Application Firewall by Penta Security Systems, which has served more than 2,900 customers for close to 12 years. Penta Security Systems is a global information security firm headquartered in Seoul, South Korea. For more information visit https://www.cloudbric.com. @ThingsExpo - The World's Largest 'Internet of Things' Event, November 1-3, 2016, at the Santa Clara Convention Center! Secrets of Sponsors and Exhibitor... (more)

Part 2: What ‘Mr. Robot’ Can Teach Us About Incident Response | @CloudExpo #IoT #Cloud #Security

We continue with the second part of our two-part series. If you missed the first part, we are discussing what security professionals can learn from the hit series, "Mr. Robot." The series explores the world of organized hacking as well as the security measures being used to stop the hackers. Vulnerabilities Abound in the Internet of Things During the two seasons that the show has aired, viewers have seen examples of how hackers can exploit connected devices. One of the most extreme examples was when hackers took over the attorney's smart home, generating a nightmare of constantly changing sounds and lights and leading the attorney to run from her own home. Another example touching on IoT security was Dominique's use of a digital assistant to discuss topics of an intimate nature. Should a hacker manage to gain access to the records, the possibilities for blackmail or ... (more)