STE WILLIAMS

5 Considerations For Post-Breach Security Analytics

Some of the most important security analytics tasks that organizations perform must be done with the pressure of a running clock and exacting standards for how data is preserved and manipulated. Unlike day-to-day log analysis, post-breach inspection of security data requires special considerations in the collection and handling of information following a compromise.

1. Collecting Relevant Data
The ticking clock is one of the most crucial things to remember when conducting analytics on forensic data in a compromise situation: first, because investigators need to figure out what went wrong in order to stop an active compromise and prevent further damage; and second, because minimizing the breach notification window with ample public information is so crucial from a regulatory, legal and PR perspective.

“When a breach has been detected, it’s really important to have instant visibility from multiple viewpoints because you need to actually understand the breach, scope out the damage and remediate,” says Lucas Zaichkowsky, enterprise defense architect for AccessData.

Some of the types of data that can come into play within a forensic analysis include log files from multiple sources, information on affected endpoints such as structured file data or data in memory, as well as volatile data such as open network connections or running processes on systems, says J.J. Thompson, managing partner at Rook Consulting.

“You’re going to want to collect anything that is in scope for the incident, so you’re going to want to make sure you collect all of the system logs, database logs and network logs that you can possibly get your hands on,” he says, “and make sure that those are accessible and available for future analytics. That’s step one.”

Where the initial log review starts to lead the incident response team determines where deeper collection of data within host logs will occur. This stands in contrast with standard security operations analytics, where host data collection happens “significantly less frequently,” Thompson says.

2. Make Data Collection A Possibility
Unfortunately, many organizations struggle to gain timely visibility into security data because they did not put enough data collection mechanisms in place before the incident to give them an immediate view of what happened within the infrastructure affected by a breach.

“A lot of time people will find out what they need to collect once they see the indicators of compromise and realize that collecting that information from then on is kind of a moot point,” says Chris Novak, global managing principal of investigative response for Verizon Enterprise Solutions, who recommends that organizations test themselves with mock incidents and walk through a collection scenario before their hair is on fire. “A mock incident is a way to really have those teachable moments as to what exactly it is that you need to be prepared for.”

In addition to shortfalls in data collection mechanisms, the mock incident may uncover a frequently lacking piece of foundational information: namely, an up-to-date network diagram. Novak says he’s frequently surprised at how many organizations might have a fully detailed rendering of the physical building a data center is hosted in while lacking a network map counterpart.

3. Preserve Data For Longer Than You Think You’ll Need It
As organizations think about what types of data to routinely collect, they should also keep it long enough to allow a sufficiently long look back through the data to pinpoint the initial compromise. According to Zaichkowsky, the longest time he’s witnessed between initial discovery of compromise and forensics trail to initial infiltration of ‘victim zero’ was 456 days.

“That’s a long attack lifecycle that they need to be able to reconstruct what happened,” he says.

As a rule of thumb, he recommends organizations retain at least a year’s worth of relevant log data, with three months’ worth of it online and ready to search at a moment’s notice.

In addition to this precautionary groundwork, once a breach has been discovered those retention windows on the in-scope data should lengthen considerably. After an investigation is complete, organizations should secure and archive that collected data in case it is needed for a rainy day. That could mean for legal purposes, but also on the chance that the compromise went deeper than initially thought.

“A lot of times companies will go through the process, remediate and then when they find three months later the attack was resumed, they realize the attacker is still in the system but all of the relevant data was deleted after the investigation,” he says.

4. Establish A Chain Of Custody
As Zaichkowsky mentioned, analytics of forensics data will lead to inspection of data that’s rarely looked into on a day-to-day basis. As an investigation team digs into collection of volatile and legally sensitive data, they must not only think about preservation of data that will lead to swift mitigation of risk but also about preservation of evidence in a legally admissible way.

“Things typically start with the preservation of the evidence: not powering off systems so we can collect volatile data and maintaining a proper chain of custody,” he says.

Establishing chain of custody is imperative for cases where litigation or legal proceedings could occur. The key is being able to document how data was obtained, by whom and when it was obtained, and maintaining the integrity of the data state to prove it was never tampered with during the investigation process, says Thompson.

“It’s really about making sure that you can show counsel that this evidence was obtained using forensically sound mechanisms, it was not altered and you have that evidence available for opposing counsels, advisors, consultants and experts to analyze it there themselves and see if they come to the same conclusions,” he says.

Typically, the best practice is to pull the entire binary or data in full, duplicate it and keep a hashed copy prior to running analytics on the working copy of data in order to show it hasn’t been altered in any way, Zaichkowsky says.
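
An added example (not from the article or anyone quoted in it) of the practice described above: hash the acquired data, keep a read-only master, analyse only a working copy, and record who did what, when and how. The file names, case directory layout and JSON-lines custody log are assumptions made for illustration.

```python
import hashlib
import json
import os
import shutil
import stat
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large images do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def log_event(log_path, action, item, sha256, who, note=""):
    """Append one custody entry: what was done, to which item, by whom, when."""
    entry = {
        "time_utc": datetime.now(timezone.utc).isoformat(),
        "action": action,
        "item": os.path.basename(item),
        "sha256": sha256,
        "who": who,
        "note": note,
    }
    with open(log_path, "a", encoding="utf-8") as fh:
        fh.write(json.dumps(entry, sort_keys=True) + "\n")
    return entry


def acquire(source, case_dir, who, method):
    """Copy source into case_dir as a read-only master plus a working copy."""
    os.makedirs(case_dir, exist_ok=True)
    log_path = os.path.join(case_dir, "custody.jsonl")  # hypothetical log name
    name = os.path.basename(source)
    master = os.path.join(case_dir, name + ".master")
    working = os.path.join(case_dir, name + ".working")

    # Hash first, so the record reflects the data as it was obtained.
    source_hash = sha256_file(source)
    log_event(log_path, "acquired", source, source_hash, who, method)

    shutil.copyfile(source, master)
    os.chmod(master, stat.S_IRUSR)  # master is never opened for writing again
    shutil.copyfile(master, working)  # analysis happens on this copy only

    for copy in (master, working):
        copy_hash = sha256_file(copy)
        if copy_hash != source_hash:
            raise RuntimeError(f"{copy} does not match the acquired source")
        log_event(log_path, "copy_verified", copy, copy_hash, who)
    return {"master": master, "working": working,
            "log": log_path, "sha256": source_hash}


def verify(path, log_path, who):
    """Re-hash path and compare it with the hash recorded at acquisition."""
    with open(log_path, encoding="utf-8") as fh:
        entries = [json.loads(line) for line in fh]
    acquired = next(e for e in entries if e["action"] == "acquired")
    current = sha256_file(path)
    intact = current == acquired["sha256"]
    log_event(log_path, "verified" if intact else "MISMATCH", path, current, who)
    return intact


def demo():
    """Constructed sample: a one-line fake auth log stands in for evidence."""
    root = tempfile.mkdtemp(prefix="custody_demo_")
    source = os.path.join(root, "auth.log")
    with open(source, "w", encoding="utf-8") as fh:
        fh.write("Nov 19 02:14:07 host sshd[411]: Accepted password "
                 "for svc from 203.0.113.9\n")  # constructed log line
    case = acquire(source, os.path.join(root, "case-0001"),
                   who="analyst-a", method="copied from read-only mount")

    # Analysis tooling alters the working copy; the master must be unaffected.
    with open(case["working"], "a", encoding="utf-8") as fh:
        fh.write("# analyst annotation\n")

    result = {
        "master_intact": verify(case["master"], case["log"], "analyst-b"),
        "working_intact": verify(case["working"], case["log"], "analyst-b"),
    }
    with open(case["log"], encoding="utf-8") as fh:
        result["log_entries"] = sum(1 for _ in fh)
    shutil.rmtree(root, ignore_errors=True)
    return result


if __name__ == "__main__":
    print(demo())
```

The master still matches the acquisition hash after the working copy has been changed, and the mismatch on the working copy is itself written to the custody log.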

5. Go Down The Rabbit Hole Without Getting Lost
With evidence bagged and tagged and data ready for analysis, the hard work still lies ahead for investigators who must roll their sleeves up and inspect the data. While the mantra for forensics collection of data is to collect as much as you can that could tie to the incident, that scope needs to be tightened once it is time to run analysis.

“Usually what happens is you have massive scope creep and an overconsumption of that forensics data—you collect so much you feel like you have to analyze the same amount,” says Novak, who instead recommends customers use an ‘evidence-based’ approach to the investigation. “How did you recognize the problem? Start there and only expand as much as you need.”

Thompson agrees, stating that organizations should let the indicators of compromise lead the investigation into the paths of analysis. One way he gets his analysts to tighten focus is to go through an exercise where they literally draw a box on a piece of paper and hand write out the components that were indicators that led them to believe there was a compromise. The idea is to draw out lines and start brainstorming within that box in a way similar to how a detective would work through evidence in a physical crime case. With that picture in front of them, it is easier to start listing out the investigative techniques to start with so that the analyst can jump down potential rabbit holes without ever getting lost.

“That really helps them keep on track so that they don’t end up veering off course,” he says.

Article source: http://www.darkreading.com/5-considerations-for-post-breach-securit/240164113

Obamacare website ‘either hacked or will be soon’, warns infosec expert

Hackers have thrown multiple attacks at US President Obama’s medical insurance bazaar HealthCare.gov since it went live in October, according to a senior US government official.

Acting assistant Homeland Security secretary Roberta Stempfley told a hearing of the House Homeland Security (HHS) Committee that the website was assaulted 16 times between 6 and 8 November, adding that all the attempts to knacker the site had failed, CNN reports (the site was perfectly capable of taking itself down, as it turned out).


Stempfley failed to specify the nature of the attempted attacks – but one expert at the committee hearing warned it’s just a matter of time before the website, which handles highly sensitive and personal information about US citizens, is compromised.

Separately US authorities are investigating the release of a “denial-of-service tool” designed to hit the healthcare website with more traffic than it can handle. The “Destroy Obama Care” utility is designed to put a strain on the site by alternating requests for two different pages on the site.

This is not a particularly aggressive, nor seemingly effective, approach. The tool has been mentioned on social networks, and made available for download from a small number of sites.

HealthCare.gov has been difficult to reach at times and less than reliable, but that’s another story.

Dan Holden, director of security research for DDoS mitigation experts Arbor Networks, told CNN that the ObamaCare site’s availability issues were unrelated to use of the “Destroy Obama Care” tool.

“We have not monitored any attacks,” Holden told CNN. “We have not seen any sizeable, or anything to believe that these problems are related to DDOS.”

“I don’t believe that the problems with the site’s availability is due to any kind of DDOS attack,” he added.

Arbor was one of the first firms to document the utility earlier this month. Researcher Marc Eisenbarth said that the tool’s request rate, non-distributed attack architecture and other limitations meant it was “unlikely to succeed in affecting the availability of the healthcare.gov site.”

HealthCare.gov is a high profile public website, but database expert Luke Chung testified before the HHS committee that despite costing tens of millions of dollars or more it features a “sub-par” design ill fitting for such a high-profile project. From a purely security perspective, the site has been penetration tested, and remediation work has reportedly been carried out. However, independent security experts continue to warn that HealthCare.gov is not up to the job, with some going further and describing it as something like an accident waiting to happen.

David Kennedy, founder of computer security biz TrustedSec, told the hearing that healthcare.gov “is either hacked already, or will be soon”. He added that the site is so full of functional and “critical” security problems that it would never have gone live if it was a commercial, private concern.

He also produced a 17-page dossier, laying out all the issues he found with the site.

“There is a lot of stuff that we are not publicly disclosing because of the criticality of the findings,” Kennedy said. “We don’t want to hurt people.”

Reasons for Kennedy’s gloomy prognosis are not hard to locate. Incredibly the Healthcare.gov website’s search box helpfully suggests SQL injection attack strings in its autocomplete list – indicating someone at least has been probing the site.

The House of Representatives Science, Space, and Technology Committee is holding hearings on the security and functionality of the HealthCare.gov website. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/19/obamacare_site_insecurity_fears/

Glut In Stolen Identities Forces Price Cut In Cyber Underground

Just in time for the holidays, the price of a stolen identity has dropped as much as 37 percent in the cybercrime underground: to $25 for a U.S. identity, and $40 for an overseas identity.

Researcher Joe Stewart of Dell SecureWorks teamed up with independent researcher David Shear to get an insider’s look at what a plethora of hacking services and stolen data cost these days in the underground. Among their findings: for $300 or less, you can acquire credentials for a bank account with a balance of $70,000 to $150,000, and $400 is all it takes to get a rival or targeted business knocked offline with a distributed denial-of-service (DDoS)-for-hire attack. Meanwhile, ID theft and bank account credentials are getting cheaper because there is just so much inventory (aka stolen personal information) out there.

“Fullz,” or personal identities, went for $40 per U.S. stolen ID and $60 for a stolen overseas ID in 2011 when Dell SecureWorks last studied pricing in the underground marketplace. Now those IDs are 33- to 37 percent cheaper.

With the high volume of data breaches and leaks over the past couple of years, it’s no surprise the price of a stolen identity would have declined, says Stewart, who is director of malware research for Dell SecureWorks. “I expected to see the drop,” he says. “The best thing we could hope for was for these prices to be very high. It would be a more encouraging trend if the prices increased.”

It’s also getting easier to cash in on cybercrime. “This report shows that cybercrime is becoming more and more commoditized, turnkey, and the bar to entry had become lower and lower as more people develop kits” that simplify data theft, he says. Competition among the cybergangs also has intensified as more people join in the scams, he says. “It’s created a situation where it’s getting very easy for anyone to get into that business. I think these numbers confirm it,” Stewart says.

Pricing trends are interesting, says Raj Samani, CTO of McAfee. But they also can be misleading, he says, because prices are all over the map. “You can have varying prices depending on the sources you go to.”

McAfee in its June cybercrime study found a DDoS-for-hire service for $2 per hour, and another for $3 per hour, for instance, he says.

Dell SecureWorks found DDoS services anywhere from $3 to $5 per hour, $90 to $100 per day, and $400 to $600 a month.

The big takeaway for all of this, Samani says, is that cybercrime-as-a-service has arrived. “It doesn’t require any technical knowledge, and you don’t even have to own a computer,” Samani says. “You just need to pay” and you can outsource anything, he says.

To gather the pricing information, researcher Shear infiltrated 15 different underground forums, four of which were Russian forums. Shear concentrated his efforts mainly on well-organized forums, according to SecureWorks.

Stewart and Shear found more cybercriminals selling a cardholder victim’s birth date and Social Security Number as well as the card data itself to ensure the stolen card data can be used and the buyer won’t get tripped up by any security questions or controls. “The hackers have come to realize that merely having a credit card number and corresponding CVV code (Card Verification Value–the 3 or 4 digit number on one’s credit or debit card) is not always enough to meet the security protocols of some retailers,” SecureWorks said in its report. “Hackers are also selling cardholders’ Date of Birth and/or Social Security Number. Having this additional information would allow a hacker to answer additional security questions or produce a fake identification, to go along with a duplicate credit card.”

The cost of getting a website hacked runs from $100 to $300, with more experienced black hat hackers charging more for their services. In an interesting twist, the researchers found that these attackers stipulated that they don’t hack government or military websites.

Doxing services—where a hacker steals as much information as they can about a victim or target via social media, social engineering, or Trojan infection—range from $25 to $100.

Bots are cheap, too: 1,000 bots go for $20, and 15,000, for $250.

Meanwhile, prices for stolen credit cards for U.S. accounts (with CVV numbers) remained about the same since SecureWorks last studied pricing on them in 2011. They ranged from $4 to $8 per account, while European accounts dropped from $21 to $18 today. It’s all about inventory of such a commodity item, according to the researchers.

Article source: http://www.darkreading.com/attacks-breaches/glut-in-stolen-identities-forces-price-c/240164089

SMBs Unsure And At Risk, Survey Finds

Nearly 60 percent of small- to midsized businesses say upper management doesn’t consider cyberattacks a big risk to their organizations.

Meanwhile, 33 percent aren’t sure if their business has been hit by an attack in the past 12 months, while 42 percent say they have experienced an attack, according to a new Ponemon Institute survey of 2,000 small- to midsized businesses in the U.S., U.K., Germany and Asia-Pacific.

Respondents in the more senior-level jobs are the most unsure about the real threats to their businesses, according to the Sophos-sponsored survey, and CISOs and other senior managers are not typically involved in security priority decision-making. Around 30 percent say their CIO is in charge of setting security priorities and 31 percent say no one person is in charge of it.

The good news in the survey was that at least some SMBs recognized they aren’t as prepared as they should be for today’s threats, says John Shier, senior engineer at Sophos. Even so, many more are not: “But it’s disheartening that we are in this situation of their not knowing their security posture,” he says.

Nearly 30 percent don’t know how much damage or theft to their IT assets would cost their organization, and nearly one-fifth don’t know what an IT disruption would cost them. Budgets are tight, with more than 40 percent saying their budgets aren’t sufficient for locking down their networks, and just 25 percent say they have sufficient security expertise in-house.

The study also measured the uncertainty index by industry, and retailers and education research were the industries showing the most uncertainty about their security postures. Financial services and technology software fared as the most sure about their situations. Shier says SMB financial services firms may be more knowledgeable about their security postures due to their regulatory requirements.

“But the fact remains in breaches that occur that [SMBs] are equally as vulnerable when it comes to breaches and security threats,” he says.

Larry Ponemon, president of the Ponemon Institute, says SMBs need to get a grasp on the risks. “CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. The industry needs to recognize the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures,” he says.

The full report, “The Risk of an Uncertain Security Strategy: Study of Global IT Practitioners in SMB Organizations,” is available here (PDF) for download.

Article source: http://www.darkreading.com/vulnerability/smbs-unsure-and-at-risk-survey-finds/240164100

CompTIA: False Sense Of Security? Executives Confident About Readiness, but CompTIA Study Suggests New Threats May Be Overlooked

Downers Grove, Ill., November 19, 2013 – Organizations are overwhelmingly confident in their readiness to combat security threats, but may not be prepared for dangers linked to new technology models and increasingly sophisticated threats, according to a new study released today by CompTIA, the non-profit association for the information technology (IT) industry.

The overwhelming majority of companies (82 percent) surveyed for CompTIA’s 11th Annual Information Security Trends study view their current level of security as completely or mostly satisfactory.

But just 13% of firms say they’ve made drastic changes to their security approach over the past two years. This at a time when organizations have embraced cloud computing; enabled employee BYOD practices; and expanded their use of social tools.

“The use of new technologies necessitates a change in security approach,” said Seth Robinson, director, technology analysis, CompTIA. “It’s clear why companies view security as a top priority; but what’s less clear is whether they are fully aware of which actions to take to build an appropriate security posture for a new era of IT.”

Levels of concern for a wide range of threats remain virtually unchanged from past years, too. Most companies still view hacking and malware as the preeminent threats. But a host of new dangers are quickly becoming more prevalent, including Advanced Persistent Threats, Denial of Service attacks, IPv6 attacks and mobile malware.

“Many organizations may be assuming a satisfactory level of security without truly performing the due diligence to understand their exposure and build an appropriate security posture for a new era of IT,” Robinson continued. “To truly ‘move the needle’ on security readiness, the overall approach must be re-evaluated from the top level of the business down through all departments.”

Security and the Human Factor

Throughout the 11 years of the CompTIA study the human element has been a major factor in both security readiness and shortcomings. This year is no different. Human error accounts for the majority of root cause in security breaches; and 51% of companies say human error has become more of a factor over the past two years. This may be due in part to the introduction of cloud computing, mobility and social media into the enterprise.

Yet it’s striking that few companies (21 percent) view human error as a serious concern.

“End users control powerful devices and business-class systems, often without the oversight of the IT team,” said Robinson. “While they may be able to use these devices and systems, they typically do not have the background knowledge and experience with security that allows them to recognize potential threats.”

Another consistent, historic theme in this study is the difficulty companies have in finding security professionals with the right skill mix. Cloud security, mobile security, data loss prevention and risk analysis are the four areas where skills are seen as most lacking in 2013.

One solution may be more security certifications for IT professionals. Two-thirds of companies say IT workers with security certifications are more valuable to the organization; while 86% say certified security workers deliver a moderate to high return on investment.

CompTIA’s 11th Annual Information Security Trends study is based on online surveys of 500 business and IT professionals in the United States involved in IT decision-making for their organizations; and 500 executives at U.S. IT channel companies.

More details from the study are available at http://www.slideshare.net/comptia/comptia-11th-annual-information-security-trends. The complete report is available at no cost to CompTIA members, who can access the study at www.CompTIA.org or by contacting [email protected].

About CompTIA

CompTIA is the voice of the world’s information technology (IT) industry. Its members are the companies at the forefront of innovation; and the professionals responsible for maximizing the benefits organizations receive from their investments in technology. CompTIA is dedicated to advancing industry growth through its educational programs, market research, networking events, professional certifications, and public policy advocacy. To learn more, visit www.comptia.org, http://www.facebook.com/CompTIA and http://twitter.com/comptia.

Article source: http://www.darkreading.com/management/comptia-false-sense-of-security-executiv/240164104

EMC Study: China Rates Itself As World’s #1 In Deploying Technologies To Establish Trusted IT Infrastructure

HOPKINTON, MASS, NOVEMBER 19, 2013 –

EMC Corporation (NYSE:EMC) today announced results of an independent survey revealing fresh insights about IT strategies and infrastructures deployed within companies and governments throughout the world. Most notably, respondents cite a startling lack of senior executive confidence that permeates organizations globally, specifically concerning readiness around the critical IT requirements of continuous availability; advanced security; and integrated backup and recovery. Reduced investment in these critical areas threatens the ability of IT infrastructures to withstand and quickly recover from disruptive incidents such as unplanned downtime, security breaches and data loss and underscores the need to adopt progressive strategies to achieve Trusted IT infrastructures.

The Global IT Trust Curve survey, administered by independent market research firm Vanson Bourne, spans 3,200 interviews across 16 countries and 10 industry sectors.

China received the top maturity ranking: Chinese IT decision makers reported implementing the highest concentration of sophisticated continuous availability, advanced security, and integrated backup and recovery technologies. The United States ranked second in maturity on the IT Trust Curve. Underscoring swift and aggressive technology investments to solidify their world influence, three of the four most mature countries — China, South Africa and Brazil — are BRICS nations. Japan ranked last on the IT Trust Curve in the 16-nation survey.

David Goulden, EMC President and Chief Operating Officer, said, “The four big megatrends in information technology today are cloud computing, Big Data, social networking and mobile devices. Adoption and maturity of these trends must float upon a sea of trust — trust that my information is secure in the cloud, trust that my data won’t be lost or stolen, trust that my IT will be operational when it needs to be — which, these days, is all the time. The more trust that can be earned and guaranteed, the bigger and faster the impact of these trends. Conversely, the less trust that is established, the more limited these trends will be. Where countries fall on the IT Trust maturity curve could affect their overall ability to compete.”

Chief among the findings are:

Lower levels of maturity permeate the globe:

More than half (57%) of all respondents fall into the lower maturity categories, while only 8% place in the Leader category.

The higher organizations land on the maturity curve, the more likely they are to have already implemented more strategic and leading-edge technology projects such as Big Data Analytics.

Lack of confidence in technology infrastructure:

Nearly half (45%) of all respondents globally report that their senior executives are not confident that their organizations have adequate availability, security, and backup and recovery capabilities.

When asked about executive confidence levels, the percentage of all respondents within each maturity level who said their senior executives are confident that their organizations have adequate availability, security, and backup and recovery are: Laggard (39%), Evaluator (51%), Adopter (65%) and Leader (81%).

Japan has the smallest percentage of respondents (31%) reporting that their senior teams have confidence in these key aspects of IT; Germany has the highest percentage (66%).

19% (nearly one in five) of respondents worldwide cite an overall lack of confidence in their technology infrastructure.

Significant disparity exists between how IT and business leaders perceive improvements:

While 70% of IT decision makers consider the IT department to be the motivation/drive for future resilient and secure IT infrastructure, the number drops to 50% for business decisions makers when asked the same question.

A similar perception gap extends in key disciplines such as security. While 27% of IT respondents report being victims of a data breach in the past 12 months, only 19% of business decision makers globally report being victims, indicating they are not aware of all technology incidents that impact the business.

Organizations with higher levels of maturity avoid — and recover more quickly from — disruptive incidents and with reduced consequence. For example, globally:

53% of organizations in the Leader segment of the IT Trust Curve reported data recovery time measured in minutes or less for their most mission critical applications. The percentage drops to 27% across all maturity tiers.

76% of companies in the Leader segment believe they are able to recover 100% of their lost data in every instance versus only 44% in the lowest maturity segment.

Organizations in the lowest maturity segment (Laggard) lost one and a half times more money over the last 12 months as a result of downtime than those in the highest maturity segment (Leader).

Security breaches were the most costly events suffered by respondents, who reported an average annual financial loss of $860,273 due to breaches, followed by $585,892 and $497,037 respectively for data loss and downtime.

Widespread unplanned downtime, security breaches and data loss:

61% of all respondents’ companies have suffered at least one of the following incidents: unplanned downtime (37%), security breach (23%) or data loss (29%) in the last 12 months.

Top 4 consequences across organizations experiencing at least one of the above incidents within the last 12 months were loss of employee productivity (45%), loss of revenue (39%), loss of customer confidence/loyalty (32%) and loss of incremental business opportunity (27%).

Budget constraints (52%) reigned as the #1 obstacle to implementing continuous availability, advanced security, and integrated backup and recovery solutions. Resources and/or workload constraints (35%), poor planning (33%) and knowledge skills (32%) rounded out the top four. China was the only country that did not report budget as the #1 obstacle.

Top security concerns identified across all respondents were third party application access (43%) and protection of intellectual property (42%), pointing to the need for more advanced technology and intelligence-driven models:

There remains a heavy reliance on “prevention-oriented” security tools, with more than 80% of respondents using anti-virus and firewalls as the 2 most popular security solutions.

Just 18% have adopted Security Information and Event Management (SIEM) and even fewer, 11%, have adopted Governance Risk and Compliance (GRC) solutions, which provide the necessary monitoring and response capabilities needed to defend against more advanced threats.

Highly-regulated industries throughout the world displayed proportionally higher maturity levels:

In addition to the IT and Technology (#3) industries, the remaining Top 5 most mature industries globally are the highly-regulated Financial Services (#1), Life Sciences (#2), Healthcare (#4) and Public Sector (#5).

EXECUTIVE AND ANALYST QUOTES

Irina Simmons, Chief Risk Officer, EMC

“Most IT practitioners do everything within their power and control to protect the enterprise. Where breakdowns can occur is in communicating up to business leaders, executives, Boards and audit committees. We hear it from Boards all the time. Practitioners need to be able to demonstrate to leadership that they have a governance process whereby they can adequately instil confidence that risks are being addressed in line with the organization’s overall risk appetite and profile. Success against a particular threat is not just an accident or good luck, but the result of a solid process that continually monitors and addresses new risks and threats to the enterprise.”

Dave Martin, Chief Security Officer, EMC

“The time has come for the industry to double down. It’s impossible to deliver advanced security if we lack foundational maturity. Without a predictable environment, or understanding of where our assets are, or an ability to pick up on nuances and detect behavioural anomalies, we will be unable to defend the organization. That baseline of foundational maturity is an absolute enabler of effective security and establishing overall trust.”

Christian Christiansen, Program Vice President for IDC’s Security Products and Services Group

“Among the many powerful insights that flow from this global study, the rampant lack of senior executive confidence stands out as both alarming and, unfortunately, a sign of the times. Nearly half of respondents say their senior management has zero confidence that their organizations are prepared with adequate availability, security, and backup and recovery. That one startling fact stands as a wakeup call for company boards to make the necessary investments to brace against both external and self-imposed disruptions and threats to their IT systems and data.”

ADDITIONAL RESOURCES

View full survey results at the IT Trust Curve interactive microsite

Video: Irina Simmons, Chief Risk Officer, EMC

Video: Dave Martin, Chief Security Officer, EMC

Reflections Blog: Why 45% of Executives Lack Confidence in Their IT

METHODOLOGY

Survey data is the result of 3200 interviews of 1600 IT and 1600 business decision makers from the United States, the United Kingdom, Canada, Brazil, France, Germany, Italy, Spain, Russia, India, South Africa, Australia, Japan, China and the Nordic and Benelux regions. Respondents were employed at companies within ten industry sectors, with 50% working for organizations with 100-1000 employees and the other 50% at organizations with more than 1000 employees.

To create the maturity curve, IT decision-makers were asked specific questions relating to IT infrastructure in each of the three pillar sections: continuous availability, advanced security and integrated backup and recovery. Within each section, respondents scored points for the sophistication of their organization’s existing technology, but not for anything in the planning stages. Each section was scored out of a maximum of 18 points, and the three were combined to give an overall maturity score out of 54. This score was then multiplied by a scaling factor to normalize the curve and give a total score out of 100 points. Once scored, these IT decision-makers were divided into four even segments from a low to high score: Laggards (scoring 1-25), Evaluators (scoring 26-50), Adopters (scoring 51-75) and Leaders (scoring 76-100).

Article source: http://www.darkreading.com/management/emc-study-china-rates-itself-as-worlds-1/240164103

Fortinet Adds New High-Performance Enterprise Edge/Data Center Firewall

SUNNYVALE, Calif., November 19, 2013 – Adding to its armory of high-performance data center firewalls, Fortinet (NASDAQ: FTNT), a global leader in high-performance network security, today launched a new enterprise firewall destined to disrupt the enterprise security market. This new firewall, the FortiGate-1500D, delivers unparalleled price/performance in a flexible appliance form factor to meet any number of enterprise deployment scenarios, such as a campus edge, data center or even branch office.

Standout features of the new FortiGate-1500D include:

Industry leading price/performance protection – The FortiGate-1500D achieves 80 Gbps firewall throughput that sets a new standard of price per Gbps protected traffic;

High-performance next-generation threat protection – Additionally, the FortiGate-1500D provides 10 Gbps intrusion prevention and application control performance, which is five times faster than any comparable next-generation firewall;

Unparalleled processing power – Like the recently announced FortiGate-3700D, the new FortiGate-1500D utilizes the latest FortiASIC™ NP6 network processor and CP8 content processor to provide high-speed cryptographic and content inspection services. This allows for accelerated content inspection and the ability to offload encryption/decryption, thus helping to ensure peak firewall performance.

“As enterprises re-architect their networks to take advantage of cloud services and rich content, high-performance security is essential to this next wave of infrastructure and development,” said John Maddison, VP of Marketing at Fortinet. “With the new FortiGate-1500D, enterprises can have it all – cutting edge network speed coupled with state of the art network security.”

“Without a doubt, the move to faster network technologies is forcing enterprises to look at upgrading every moving part of their IT infrastructure, and firewalls are no different,” said Jeff Wilson, Principal Security Analyst at Infonetics. “The need to add high-speed interfaces to firewalls (10G, 40G and eventually 100G) tops the list of drivers for investing in new high-performance firewalls.”

Flexible for Today’s Enterprise

The new FortiGate-1500D leverages FortiOS 5, the industry’s most advanced network security operating system. As the OS foundation for all FortiGate network security platforms, it can be used across large or small enterprise infrastructures and multiple security application personalities. FortiOS 5 allows for flexible deployment modes within the enterprise using different firewall personalities, including firewall + VPN, firewall + IPS, NGFW, advanced threat protection and more.

To help ensure optimal uptime, FortiOS 5 also provides multiple forms of high availability (HA) such as Active-Active, Active-Passive or Virtual Cluster. Depending on the configuration, failover times are in the sub-second range. Multiple HA deployment modes allow tight integration into different enterprise environments.

Optimized for Complex Network Needs

The FortiGate-1500D includes eight 10 GbE (SFP+) and 32 GbE ports in a high-density, compact (2U) appliance form factor. As enterprises build out new or redesign data centers, network segmentation is taking a more critical role in their architecture. The segmentation may be based on perimeter architecture, services, function or regulatory requirements and effectively separates networks physically or virtually to better provide security service level agreements. Fortinet offers physical, hybrid or virtual network segmentation via its virtual domain (VDOM) capability.

Leverages the FortiASIC Advantage

The FortiGate-1500D features the latest FortiASIC NP6 processor, which operates in-line with firewall and VPN functions to deliver several key benefits. These include wire-speed firewall performance at the network edge for any size packets, including IPv4 and IPv6; processing headroom to support NAT46, NAT64, or NAT66; VPN control and provisioning of wireless access points (CAPWAP), and generic routing encapsulation (GRE) acceleration; anomaly-based intrusion prevention, checksum offload and packet defragmentation; and traffic shaping and priority queuing. All of this allows for high-performance protection, while eliminating performance bottlenecks.

Availability

The FortiGate-1500D is available in the U.S. now from authorized Fortinet resellers. For more information, please visit: http://www.fortinet.com/products/fortigate/1500D.html

About Fortinet

Fortinet (NASDAQ: FTNT) helps protect networks, users and data from continually evolving threats. As a global leader in high-performance network security, we enable businesses and governments to consolidate and integrate stand-alone technologies without suffering performance penalties. Unlike costly, inflexible and low-performance alternatives, Fortinet solutions empower customers to embrace new technologies and business opportunities while protecting essential systems and content. Learn more at www.fortinet.com.

Article source: http://www.darkreading.com/perimeter/fortinet-adds-new-high-performance-enter/240164105

PrivacyScan v1.4 Boosts OS X Mavericks Security

Summary: SecureMac releases PrivacyScan 1.4 to increase Mac OS X Mavericks security by enhancing privacy and cleaning up digital footprints left behind after using the computer and surfing the web. This latest release of PrivacyScan, engineered for Apple’s latest operating system, is available for purchase immediately and in a 15-day free trial download. http://privacyscan.securemac.com/

SecureMac has announced the release of PrivacyScan 1.4. The latest version of its critically acclaimed personal privacy application is designed specifically for Mac OS X Mavericks, adding features to securely wipe digital footprints left behind after using the computer and accessing the Internet. Because this latest release is engineered for Apple’s latest operating system (Mac OS X 10.9), it can adapt to the new technology to ensure advanced security by seeking and destroying privacy threats attempting to exploit the latest Mac OS version.

In an interview, CEO Nicholas Raba stated:

“Online privacy is an ever-changing landscape and an ongoing battle. With each new operating system version released, it’s critical that users stay up-to-date with their security. It’s great to release an updated version of PrivacyScan, but really, we’re just playing our part to keep users safe.”

How does PrivacyScan work?

PrivacyScan acts like a digital private eye, identifying hidden threats that can compromise privacy when accessed by advertisers or snoopers trying to see user activity. It removes the internet clutter that accumulates in cache and history files while browsing the web. PrivacyScan covers the user’s digital tracks behind them and saves valuable hard drive space by eliminating traces of which apps and files have been accessed.

Where can users get their free trial?

PrivacyScan 1.4 is available for $14.99 USD (or equivalent amount in other currencies) and is available worldwide through the Mac App Store in the Utilities category or directly from SecureMac.com. SecureMac offers a free 15-day fully functional demo available directly from the PrivacyScan website. Existing PrivacyScan users can upgrade to the latest version free of charge.

What’s New in PrivacyScan 1.4

The new version features the following updates and improvements. A full list of features and capabilities can be found here.

Added Support for Mac OS X 10.9 (Mavericks)

Includes user interface updates and improvements

Awards and Accolades

Past awards and recognitions include: Macworld | iWorld Best of Show by Macworld UK Magazine, A Mac Gem – Macworld GemFest 2012, and Editor’s Choice Award – Macworld UK. PrivacyScan has received full 5-Star ratings from both Macworld UK and Macworld AU.

Article source: http://www.darkreading.com/end-user/privacyscan-v14-boosts-os-x-mavericks-se/240164106

Financial Sector Shows Highest Demand for DevOps For Database solutions In 2013, DBmaestro Finds

Tel Aviv, November 19, 2013 – DBmaestro (www.DBmaestro.com), the pioneer and leading provider of DevOps for Database solutions, announced today its analysis of new companies adopting DevOps for Database with DBmaestro. Over the past year, financial sector companies had the highest increased demand for Database Enforced Change Management (DECM) tools. Over 40% of new DBmaestro customers originated from this industry.

Within the financial sector, 60% of DBmaestro’s new clients are banks and insurance companies which find themselves more exposed to risk. In addition, DevOps for Database is becoming widespread in other markets. DBmaestro’s findings show that new customers from the government sector made up about 20% of the new DECM demand. Security and telecom sectors each made up approximately 10% of new DevOps for Database demand in 2013. The software and retail sectors each made up about 5% of new companies committed to DevOps.

“A loss of database control in the banking and financial sector can be catastrophic”, said Yariv Tabac, Co-CEO of DBmaestro. “The increase of new customers from financial institutions demonstrates that financial companies, which must have absolute confidence in the integrity and quality of their database code, recognize the benefits which DevOps for Database provides. We expect these trends to continue in the government and security sectors as well as other industries which are seeking automation, control and enforced change management over their Database.”

To learn more about TeamWork from DBmaestro, visit our blog or Request a Free Evaluation.

About DBmaestro

DBmaestro is the pioneer and leading provider of DevOps for Database solutions which enable control of databases. Its flagship product, DBmaestro Teamwork, is the leading Database Enforced Change Management (DECM) solution that empowers Agile team collaboration through enforcing change policy and best practices. DBmaestro Teamwork enables continuous development, continuous release and continuous deployment processes which cut the number of potential risks threatening database development and deployment by 60% and reduce deployment costs by 95%.

DBmaestro’s solutions are deployed at major international companies including VISA, MasterCard, Knight Capital, Thomson Holidays, Bank Leumi and others.

Article source: http://www.darkreading.com/government-vertical/financial-sector-shows-highest-demand-fo/240164107

Lookout Rolls Out Business Mobile Security Offering

San Francisco, CA — November 19, 2013 – Lookout, a leader in technology, today launched a comprehensive business security solution designed to make mobile security and device management easy and accessible to every business and employee. Lookout for Business is the simplest way for businesses to secure all their devices from mobile threats, data loss and device loss. This launch marks Lookout’s first move in delivering solutions that help secure and protect mobile devices for businesses of all sizes.

For most companies, mobile devices are the center of productivity, so protecting them against corporate data loss, malware, spyware, and loss or theft is top of mind for IT executives. In addition to launching their Lookout for Business product, today Lookout released a white paper titled “Key Business Insights For Mobile Security in a BYOD World,” which reports on the results of a commissioned survey conducted by Forrester Consulting. According to the survey, 69% of IT executives report that they are very concerned about the threat of mobile malware, viruses, and spyware. Sixty percent have experienced lost or stolen phones in the past year. Seventy-two percent agree that there is a gap between current mobile security solutions and the security threats that businesses face today.

“Companies can no longer ignore the fact that employees are often carrying their most sensitive data on mobile phones,” says Nushin Vaiani from Canalys, an analyst firm. “Mobile security will be a priority as IT executives seek to protect phones from a myriad of threats, and in order for IT managers to see adoption of security it needs to be something employees are willing to use.”

Lookout’s “Key Business Insights For Mobile Security in a BYOD World” white paper indicates that mobile security events are costing businesses time and money: 75% of IT administrators agree that BYOD has made mobile security more challenging in the workplace, and 47% reported lost productivity associated with a mobile security event. “Lookout’s expansion into business comes at a critical time, and the security stakes are higher than ever,” says John Hering, CEO of Lookout. “Businesses approach us every day to find out how they can get Lookout for their employees, and we look forward to providing security that we know businesses require.”

Lookout’s deep consumer expertise and base of 45 million customers are the foundation for an optimized security experience that maximizes employee adoption and empowers people to take self-service actions like locating their phone. Features like Lookout’s Lock Cam and Signal Flare are valuable to employees while allowing businesses to maintain an additional level of security on their mobile device.

“Employees are a major part of the mobile security equation, and solutions that will be adopted and effective will be the ones with a minimal learning curve. Businesses want products that both their IT team and employees will use and love, and Lookout has taken that to heart,” says Jenny Roy, Head of Lookout for Business.

Lookout for Business includes:

● Comprehensive mobile security including protection against malware, web-based threats, and data loss.

● A simple way for IT Managers to manage devices including the ability to remotely locate, lock, and wipe devices.

● A cloud-based console that provides visibility and insight into the security and management of devices.

● Employee-facing features that allow users to find and secure their phone.

Lookout for Business is now generally available to the public and can be purchased at www.lookout.com/mobile-security-for-business.

ABOUT LOOKOUT

Lookout builds security software that protects people, businesses and networks from mobile threats. With the world’s largest mobile threat dataset and the power of 45 million devices, Lookout proactively prevents fraud, protects data and defends privacy. Lookout secures the mobile experience for people everywhere through Lookout Mobile Security, a consumer app, and Lookout for Business, a cloud-based business solution for device security and management. Lookout was selected as a 2013 World Economic Forum Technology Pioneer company. Lookout has offices in San Francisco and London. For more information, please visit www.lookout.com

Article source: http://www.darkreading.com/mobile/lookout-rolls-out-business-mobile-securi/240164108