STE WILLIAMS

Companies Should Practice For Cloud Security Breaches

Companies are increasingly moving to the cloud: Over the 18 months ending June 2013, enterprises boosted their use of cloud storage by 90 percent, resulting in 45 percent more revenue for cloud service providers, according to a report released by Verizon.

Yet, businesses should expect bumps ahead. Attackers will increasingly focus on finding ways to compromise companies’ cloud services to gain access to the valuable data stored in those online systems. From the attempted digital coup on Cloudflare’s infrastructure to breaches at business services such as social network LinkedIn and e-mail marketing firm Epsilon Data Management, attackers have already shown interest in illicitly accessing enterprise data in the cloud.

While the security of cloud providers is typically better than that of the average company, breaches will happen, say experts. And responding to an incident will likely be more complex for businesses when the response includes a cloud provider’s infrastructure.

“The key here is to plan ahead,” says Kristy Westphal, information security officer with Element Payment Services, a secure payment processing firm recently acquired by Vantiv. “You need to know what is in your contract, what you can get access to and what you are on the hook for.”

At the coming Cloud Security Alliance (CSA) Congress, Westphal plans to discuss strategies for minimizing the impact of a cloud breach and smoothing incident response. As a first step, companies should begin including their cloud providers in their incident response planning, finding the appropriate contact at the firm and discovering what resources they can expect in the event of a breach.

Companies need to know the provider’s contractual obligations, because there is often a murky line between the cloud provider’s responsibilities and the customer’s responsibilities, says Dave Dalva, vice president in the risk consulting practice at Stroz Friedberg.

In addition, companies should be familiar with the provider’s technologies, such as what mechanisms the cloud firm has for logging, he says. In multi-tenant cloud environments, separating the logs of one client from another may be difficult. Businesses should also find out if the provider will preserve data and hard drives for later forensics, and whether that is even possible in the cloud environment.

You need to make the lines of responsibility very clear, Dalva says.

“It may be very easy, or it may be very hard, but getting an appreciation for that stuff up front will make life a lot easier in the event of a breach,” he says.


Before moving to the cloud, company management should discuss incident response with the cloud provider. Executives and IT managers should ask whether the cloud service provider offers enough assurances to protect data and respond to breaches, says Dave Anderson, senior director of marketing at Voltage Security, a data-encryption provider.

“Do you trust your cloud provider to securely or properly manage the data you are throwing up into the cloud? If the cloud providers are saying that we are not going to provide that level of end-to-end data protection for you, then it’s up to you to do it,” he says.

The response will also depend on the type of cloud service that a company uses: platform-as-a-service (PaaS) and software-as-a-service (SaaS) will differ from infrastructure-as-a-service, such as Amazon EC2, because of the number of differences between cloud providers, says Element’s Westphal.

The most important step for companies is to practice incident response exercises and include the cloud provider in the session, she says. IT managers should know who the point of contact is at the cloud service provider and who is responsible for contacting cloud providers.

“You need to know who the players are–who would be involved and that they know what their roles are, so they are not trying to solve someone else’s issue,” Westphal says. “You can’t buy that kind of preparation. The more prepared you are, the better off you will be.”

While cloud providers may not provide much in terms of supporting incident response activities, that is changing, says Stroz Friedberg’s Dalva.

“There is an opportunity for cloud providers that do do all the security stuff, and we are starting to see more effort to help clients with that,” he says.


Article source: http://www.darkreading.com/services/companies-should-practice-for-cloud-secu/240164073

US Homeland Security must disclose ‘internet kill switch’, court rules

A US court has given the government 30 days to come up with a decent reason not to disclose its plan for a so-called internet kill switch.

The Electronic Privacy Information Center (EPIC) has been trying to wrangle documents concerning the kill switch – officially known as Standard Operating Procedure 303 – from the tight grip of the Department of Homeland Security (DHS) since filing a Freedom of Information Act (FOIA) request in July 2012.

Standard Operating Procedure 303 describes a shutdown and restoration process for wireless networks in the event of a national crisis that would prevent, among other things, the remote triggering of radio-activated explosives.

First, DHS said it couldn’t find any records on the kill switch.

EPIC appealed.

Next, the agency managed to locate the protocol, but it redacted nearly all of it.

DHS argued that the protocol is exempt from public disclosure because it discloses “techniques and procedures for law enforcement investigations or prosecutions” or could “reasonably be expected to endanger the life or physical safety of any individual.”

In the case of disclosing SOP 303, the government argued that “any individual” means anybody anywhere near an unexploded bomb.

The United States District Court for the District of Columbia rejected the agency’s arguments.

In its memorandum, the court wrote that the government’s interpretation of the law was a teensy bit broad, given that it could apply to everybody on the planet:

Indeed, if the Government’s interpretation were to hold, there is no limiting principle to prevent “any individual” from expanding beyond the roughly 300 million inhabitants of the United States, as the Government proposes here, to the seven billion inhabitants of the earth in other cases.

The court ordered DHS to release the records in 30 days but left the door open for the agency to appeal the ruling, given what it said was the potential impact on national security of releasing the protocol.

Civil libertarians are understandably unnerved by the idea of an internet kill switch.

After all, where does a government draw the line with defensive measures? Would the US government shut down only the government systems affected by an attack – be they systems running the traffic lights, or perhaps electrical and/or other power grids, for example – or would it shut down the whole internet?

And as Sophos’s Chester Wisniewski argued in a podcast a couple of years ago, Chet Chat #49, if we’re under attack over the internet, and that attack is disrupting essential systems, turning off the whole darn thing wouldn’t disrupt the problem.

It would just keep us all from accessing those very systems.

And as far as internet censorship goes, the Arab Spring showed the world how governments can use law, technology and violence to control what gets posted on and disseminated through the internet, as the people of Egypt, Libya and Syria saw their access shut down.

In Tunisia, the government didn’t shut down the internet – rather, it compromised its citizens’ Facebook and other social media accounts.

Which is worse? To know that access has been cut off, or to have credentials intercepted so governments can secretly spy on us?

Unfortunately, it’s not an either/or situation. We have both. We’re living in a world where both the internet kill switch and government surveillance co-exist.

Or are we?

Unless DHS appeals the decision, we should know, in 30 days, how real this internet kill switch is.

Image of big red button courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/5nybwtbYYjk/

Hackers throw 16 attacks at HealthCare.gov plus a DoS for good measure

Hackers have thrown about 16 attacks at the US’s HealthCare.gov website, a top US Department of Homeland Security (DHS) official says.

According to CNN, Acting Assistant Homeland Security Secretary Roberta Stempfley of the Office of Cybersecurity and Communications says that the attacks, now under investigation, all failed.

Ms. Stempfley testified at a hearing of the House Homeland Security (HHS) Committee, saying that the attempts were made between 6 and 8 November, but that none were successful.

Authorities are also investigating a separate report of a denial of service (DoS) tool designed to bombard the healthcare site with more requests than it can handle without going belly-up.

The tool was spotted for download from a few sites and mentioned in social media, as Arbor Networks researcher Marc Eisenbarth first described in a blog posting on 7 November.

Eisenbarth wrote at the time that there’s been no evidence that HealthCare.gov has been subjected to any significant denial of service attacks since it went live in October.

He also said that the detected tool’s request rate, non-distributed attack architecture and other limitations mean that the tool is “unlikely to succeed in affecting the availability of the healthcare.gov site.”

The tool is designed to put a strain on the site by repeatedly alternating requests to the https://www.healthcare.gov and https://www.healthcare.gov/contact-us addresses.

If the tool were to make enough requests over a short period of time, it could overload some of the applications that the site relies on to make timely responses.

Eisenbarth said that the tool follows a recent trend wherein DoS attacks are used as tools of social or political protest, in retaliation against a policy, legal rulings or government actions.

Here’s the text from a screenshot of the tool:

Destroy Obama Care.

This program continually displays alternate page of the ObamaCare website. It has no virus, trojans, worms, or cookies.

The purpose is to overload the ObamaCare website, to deny service to users and perhaps overload and crash the system.

You can open as many copies of the program as you want. Each copy opens multiple links to the site.

ObamaCare is an affront to the Constitutional rights of the people. We HAVE the right to CIVIL disobedience!

At any rate, the tool doesn’t appear to have been activated.

Dan Holden, director of security research for Arbor Networks, told CNN that the site’s availability problems don’t seem to have been caused by the “Destroy Obama Care” tool:

We have not monitored any attacks. We have not seen any sizable, or anything to believe that these problems are related to DDOS. I don’t believe that the problems with the site’s availability is due to any kind of DDOS attack.

CNN also reports that a top Health and Human Services official, Chief Information Officer Frank Baitman, said in a separate hearing that his department had engaged an ethical hacker to perform penetration testing of the site – i.e., testing that simulates internal and external attacks that can then be used to evaluate computer and network defenses.

One would sure like to believe that the US government has enough security expertise on staff to limit the number of gaping holes a pen test would reveal.

And, indeed, Baitman said that the pen tester described between 7 and 10 items related to attempted security breaches, none of which Baitman said he would describe as serious, and most of which had been resolved.

Others have testified before HHS regarding “subpar” website design – assuredly a grievous accusation from a taxpayer’s perspective, given that the site cost millions of dollars, if not hundreds of millions.

If the US government wants to spare us from paying through the nose to pen-test that deluxe-but-creaky site, they might want to do us all a favor and check out these tips on how to manage cost-effective pen testing.

Just a thought!

Image of Caduceus courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/I0LWbtAW18c/

Cybercrime fighters ready to up their game, but will it be enough?

In the last few weeks we’ve seen several signs that cybercrime is finally getting the attention it deserves in policing, both in the US and UK.

Meanwhile, Microsoft’s opening of a state-of-the-art Cybercrime Center offers hope of better collaboration between law enforcement and industry experts in fighting online threats.

The question is, how will these developments affect the safety of the digital world, and is there more that needs to be done?

In the UK, responsibility for fighting cybercrime formerly fell mainly to the Police Central e-crime Unit (PCeU), run by London’s Metropolitan Police. The unit claimed much success, including keeping £1.01 billion ($1.6 billion) out of the hands of cybercrooks.

The newly-formed National Crime Agency’s National Cybercrime Unit (NCCU) has taken over the nationwide remit, including a large chunk of the PCeU staff, and has already started announcing its own successes.

Nevertheless, the London police will continue to operate a substantial cyber force to cover digital crimes within the capital, and recently revealed plans to hire up to 500 staff to further their efforts.

To cover the rest of the country, the NCCU has also made it clear that it will be expanding, with a drive to fill another 400 potential posts announced last month.

This will take the UK’s dedicated cyber police force from under 100 to close to 1000, although no definite timescales have been given and just how they hope to find enough skilled and trained people to fill all these places remains unclear.

In the US, the FBI is also taking cybercrime seriously, as FBI director James B. Comey made clear in an address to a government committee last week.

Speaking to the Senate Committee on Homeland Security and Governmental Affairs, Comey devoted a large chunk of his testimony to cybercrime issues, suggesting that efforts in this direction could overtake real-world work against terror.

The diverse threats we face are increasingly cyber-based. Much of America’s most sensitive data is stored on computers. We are losing data, money, and ideas through cyber intrusions. This threatens innovation and, as citizens, we are also increasingly vulnerable to losing our personal information. That is why we anticipate that in the future, resources devoted to cyber-based threats will equal or even eclipse the resources devoted to non-cyber based terrorist threats.

The FBI apparently now has dedicated Cyber Task Forces in all of the 56 regional field offices they operate across the US.

Comey also stressed the importance of cooperation with the private sector, as private firms are both the biggest victims and the biggest sources of expertise on cyber security issues.

This aspect of the fight has been helped by the unveiling last week of a major new cybercrime resource hub on Microsoft’s Redmond campus.

The high-tech facility, complete with wall-size video screens, will accommodate 100 full-time Microsoft staff, including a dedicated Digital Crimes Unit.

While the focus will be mainly on piracy and other problems directly affecting Microsoft, it will also provide space and resources for law enforcement, government and private companies to work together on cybercrime issues.

This kind of collaboration is clearly vital. Cybercrime is a global problem which often requires global insight to track its roots, and also often needs speed and flexibility to prevent crimes, trace stolen funds or ensure evidence is safely retrieved.

Law enforcement agencies often find themselves hampered by bureaucracy when trying to deal with foreign counterparts. Large global security firms, on the other hand, are able to operate across borders much more easily, and have deep expertise often unavailable to law enforcement.

So it falls to the private companies to step in where the cops can’t, at least on their own, as we routinely see with takedowns and sinkholing of botnet control systems, for example.

This sort of ad hoc cooperation for the most part works well, although sometimes a lack of joined-up communication between researchers can lead to collateral damage and the loss of potentially vital information.

Hopefully the expansion of law enforcement in both manpower and financial resources will help with this, providing better liaison between the various parties involved in monitoring cybercrooks and intervening in cybercriminal activities.

There is one more area of cooperation that still has some way to go though, and that is the realm of international cyber law. As the name suggests, law enforcement relies on having laws to enforce, and private companies are also constrained by the laws of the countries in which they operate.

So for the fight against cybercrime to make much progress, we need to see better collaboration between nations on defining what is permissible and what is not. If there are safe haven countries from which crooks can operate with impunity, that’s exactly what they will do.

At a summit on cyber collaboration held at Stanford University earlier this month, Chinese information minister Cai Mingzhao stressed exactly this point in a keynote speech, calling for international rules governing the cyber arena and also recommending a centralised entity to monitor the impact of global cybercrime.

This may not be exactly the right way of going about things, but it seems to be at least pointing in the right direction. It’s clear that we need much more cooperation between the world’s governments and lawmakers to ensure that the law enforcers are given the power to take appropriate action against cybercrime.

Funds and manpower for police agencies can only help so much; real progress is going to require laws and regulations which keep pace with the ever-changing online world.


Image of police sign courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/SZPeixGf0Hw/

GCHQ tracks diplomats’ hotel bookings to plant bugs, say leaked docs


The latest Snowden leaks have revealed that Australia spies on the heads of state of its neighbours while the UK monitors luxury hotel bookings made by foreign diplomats, among other unsurprising revelations.

Australian intelligence attempted to spy on phone calls made by the President of Indonesia, his wife and entourage while Indonesian president Susilo Bambang Yudhoyono and his ministers were targeted by the Australian Defence Signals Directorate, according to leaked NSA slides dated August 2009.


One slide, entitled “IA Leadership Targets + Handsets”, lists the president and the first lady as having Nokia E90-1s, with the vice-president Boediono favouring a BlackBerry Bold 9000, The Guardian reports.

The slides suggest that call data records for the regional leader were harvested but that Australian spies (at least at that time) had failed in their intent of capturing the content of calls. The leaked slides are available via Cryptome.org here (PDF).

Separate Snowden leaks reveal that GCHQ monitors luxury hotel bookings made by foreign diplomats. GCHQ’s “Royal Concierge” program tracked bookings at 350 upmarket hotels across the world. Once the hotel and suite a potential target was staying at had been identified, the job of planting bugs on the phone in the suite was turned over to field operatives.

Reservation confirmations sent to .gov.xx email addresses are of particular interest, and are fed to analysts by an automated system before particular spying tasks are prioritised. The program was initially tested in 2010 and proved so successful that further development was requested, Der Spiegel reports. It remains unclear how frequently the program was used or what intelligence it yielded.

The leak shows that GCHQ’s role is far from restricted to counter-terrorism, fighting against state-backed hackers stealing blueprints from UK firms or assisting in the investigation of child abuse, the only three functions discussed by the spy agency’s boss, Sir Iain Lobban, during a recent public hearing of Parliament’s Intelligence and Security Committee.

Finally it also emerged late last week that a CIA program secretly collected records of international money transfers going into and out from the US. Bulk transfers through Western Union and the like are targeted by the scheme, the New York Times reports.

The financial records program is authorised under the Patriot Act and overseen by the Foreign Intelligence Surveillance Court, anonymous agency officials told the paper. The program, which was not leaked by Snowden, provides evidence that the NSA is not the only US government agency that makes use of bulk data collection programs and that telephone record call data isn’t the only thing being hoovered up. ®


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/18/gchq_royal_concierge_hotel_spying/

FBI sends memo to US.gov sysadmins: You’ve been hacked… for the past YEAR


Hacktivists allegedly affiliated with Anonymous have been covertly breaking into US government systems and pilfering sensitive information for nearly a year, the FBI warned last week.

The attacks (which began last December and are thought to be ongoing) exploit flaws in Adobe’s ColdFusion web app development software to plant backdoors on compromised systems, according to an FBI memo seen by Reuters. The memo said the US army, Department of Energy, Department of Health and Human Services, and others had all been targeted.


Officials told the news agency that the warning was linked to attacks allegedly carried out by Lauri Love, 28, of Stradishall, England and others. Love alone was indicted in New Jersey last month over a string of attacks that matches the latest warnings.

A DoJ statement on the indictment lists 10 attacks against US government systems, eight of which are blamed on ColdFusion exploits [1]. The remaining two attacks were blamed on SQL injection-style assaults.

Some of the breaches have been publicised by Anonymous under a campaign dubbed Operation Last Resort (#OpLastResort), which aims to protest against the overzealous prosecution of computer crime suspects including Aaron Swartz, a programmer who committed suicide under the shadow of a prosecution for computer crimes after he systematically downloaded academic journal articles from the JSTOR digital library.

The FBI is urging government sysadmins and website administrators to take urgent remedial action to contain the problem, which it warns is more serious than recent press reports of hacks against US government systems might suggest.

“The majority of the intrusions have not yet been made publicly known,” the Feds warned, Reuters reports. “It is unknown exactly how many systems have been compromised, but it is a widespread problem that should be addressed.”

News of the warning broke late last week shortly after Anonymous-affiliated hacker Jeremy Hammond was jailed for 10 years for hacking into the systems of private intelligence firm Stratfor and stealing credit card details and emails.

Hammond claimed in court that LulzSec suspect turned super-snitch Hector “Sabu” Monsegur had encouraged him to hack into the websites of various governments under the AntiSec banner. An earlier (more concise) statement from Hammond along the same lines can be found on the FreeJeremy support website here.

The harsh sentence against Hammond prompted elements of Anonymous to re-launch OpLastResort, with a video about the ongoing Edward Snowden revelations that refers to “Global Cyberwar II”. Apparently Global Cyberwar I happened two years ago. ®

Bugnote

[1] Separately, security firm Hold Security has linked attacks against ColdFusion version 8 to the recent high-profile theft of Adobe source code as well as attacks against LexisNexis and others.


Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/18/anon_us_gov_hack_warning/

Prelert Announces Anomaly Detective 3.0

Framingham, Mass. — Nov. 18, 2013 — Prelert, the first vendor to package data science into downloadable applications for everyday users, today announced Anomaly Detective 3.0. With this release, Prelert enables IT security professionals to easily detect advanced security threats in real time using anomaly detection analytics, and without the need for data science expertise.

The intersection of big data analytics and IT security brings forth a new era in cybercrime prevention. Today’s sophisticated attacks can only be detected by applying equally sophisticated data science to huge volumes of data collected by IT security teams. The challenge is that there are very few individuals who possess the requisite blend of domain expertise in security and data science.

To address this gap, Anomaly Detective 3.0 uses machine learning predictive analytics to automatically learn the normal behavior patterns of populations of individual users, devices and resources. Sophisticated population analytics cross-correlate multiple data sources, in real time, to identify the anomalous behaviors that are the indicators of advanced threats.

“Today’s cyber attacks have become increasingly difficult to detect with current technologies, but these attacks leave fingerprints in vast amounts of data available to IT security teams, creating a lot of interest in Big Data analytics for Security,” said Mark Jaffe, CEO at Prelert. “Uncovering these attacks requires very sophisticated data science that is beyond the abilities of most security experts. The good news is Prelert has packaged that data science into a downloadable application that can be leveraged easily to identify these advanced threats in real time.”

Customer Validation

Responsys, a marketing cloud software and services leader, takes data security and compliance seriously. Its security team realized that its existing security tools, designed to identify and prevent ‘known’ threats, didn’t go far enough to reduce the risk of malicious attacks. Advanced hackers know better than to use ‘known’ attack profiles. Responsys realized that the best way to identify these advanced threats was through behavioral analytics.

“Finding the ‘bad guy’ wasn’t going to be a winning battle if we could only use ‘known bad’ searches and rules,” said Craig Merchant, senior security architect at Responsys. “With Prelert’s Anomaly Detective, we can proactively monitor our environment for ‘unknown’ advanced threats and quickly identify behaviors that are categorically different than ‘normal.’”

Industry Validation

“To be effective against modern cyberthreats, IT security has to be data driven. It is beyond human ability to manually analyze the volume of data,” said David Monahan, research director, risk and security management, at Enterprise Management Associates Inc. “Prelert’s behavior-based machine learning analytics engine is a timely entry to the market, moving beyond traditional log management and SIEM. Prelert provides advanced Security Analytics capabilities to automatically identify anomalies that IT teams need to know about.”

Anomaly Detective 3.0 End-User Case Study Webinar

Prelert is hosting a free webinar on Anomaly Detective 3.0 titled “Detecting Security Anomalies with Machine Learning Analytics,” on Wednesday, Nov. 20, 2013, at 12PM EST. The webinar will be presented by Craig Merchant, senior security architect at Responsys and Rich Collier, director of product management at Prelert. To register, go to http://info.prelert.com/responsys-webinar-registration.

Availability and Pricing

Anomaly Detective 3.0 is now available and easily downloadable from the Prelert website and from Prelert resellers. Pricing is based on the amount of data analyzed per day, starting at $100 per month for environments indexing more than 500MB of data per day.

Resources

Additional information about Anomaly Detective 3.0 can be found by downloading the data sheet or visiting the Prelert website.

About Prelert

Mining answers from the volume of data available today to drive business decisions requires advanced analytics approaches that, until now, have required the expertise of data scientists. Prelert is the first vendor to provide this data science packaged to provide a time to value in minutes and enable IT and business professionals to make better decisions. Prelert: Data science for everyday decisions. www.prelert.com.

Article source: http://www.darkreading.com/management/prelert-announces-anomaly-detective-30/240164039

CyberArk Introduces Privileged Threat Analytics To Detect In-Progress Attacks

Newton, Mass. – November 18, 2013 – CyberArk, the company securing the heart of the enterprise, today announced the availability of Privileged Threat Analytics™, the industry’s first analytics solution to detect malicious privileged account behavior and disrupt in-progress attacks before damage is done to a business.

Privileged accounts have been identified as the primary target in internal and advanced external attacks. According to security consultancy firm Mandiant, “APT intruders prefer to leverage privileged accounts where possible, such as domain administrators, service accounts with domain privileges, local administrator accounts, and privileged user accounts.” [1] CyberArk Privileged Threat Analytics provides targeted and immediately actionable threat analytics on these critical attack vectors by identifying previously undetectable malicious privileged user behavior, which enables the incident response team to respond and disrupt in-progress attacks. CyberArk Privileged Threat Analytics is the industry’s only targeted privileged threat analytics solution.

“Privileged accounts are the most powerful accounts in any organization because of the broad access they can provide. For us, managing and controlling this access is critical to securing the enterprise, and in achieving and maintaining compliance with numerous regulations,” said Erica Beall, IT Security Systems Analyst at The Williams Companies. “Real-time analytics and alerts on privileged user activity will provide management with impactful information to maximize our security posture.”

Key Benefits of CyberArk Privileged Threat Analytics Include:

Identifies in-progress external attacks and malicious behavior of authorized insiders;

Detects a range of anomalies in the behavior patterns of individual privileged users in real-time, such as a user who suddenly accesses credentials at an unusual time of day. This is a strong indicator of malicious activity or severe policy violations such as password sharing;

Improves effectiveness of SIEM systems and incident response teams by reducing false positives;

Stops an in-progress attack earlier in the kill chain, ensuring a less costly and time consuming remediation process;

Continuously learns user behavior and adjusts risk assessments based on the authorized privileged user activity patterns.

“Privileged user behavior profiling can be a critical weapon in combating both external and internal threats by discovering abnormal behavior early,” said Charles Kolodgy, Research Vice President for IDC’s Security Products service. “The key to CyberArk’s inventive solution is to analyze the right data – that being the activities of privileged user accounts – providing high value, actionable intelligence on a critical attack vector.”

The New Security Battleground – Inside the Network

As the secure perimeter has dissolved, the new battleground for information security is inside the network. CyberArk Privileged Threat Analytics is the latest innovation in CyberArk’s market leading privileged account security solution that secures an organization’s most critical assets and data. By applying patented analytic technology to a rich set of privileged account behavior data from its privileged account security solution, along with contextual information from system resources, CyberArk Privileged Threat Analytics provides targeted, high value and actionable intelligence to security teams.

“Organizations must assume attackers have already penetrated the perimeter and once inside, will almost always attempt to take control of privileged accounts to advance their attack,” said Roy Adar, vice president of product management, CyberArk. “Customers are asking for controls on privileged accounts, coupled with the ability to detect suspicious activity to protect their organizations from evolving threats.”

CyberArk Privileged Threat Analytics will be generally available in December 2013. For more information, please visit http://www.cyberark.com/product-detail/privileged-threat-analytics. To view a video introduction to CyberArk Privileged Threat Analytics, please visit: http://youtu.be/SCZYHMrLw6U.

About CyberArk

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. CyberArk is a vital security partner to more than 1,400 global businesses, including 17 of the world’s top 20 banks. Headquartered in Newton, MA, CyberArk also has offices throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.

Article source: http://www.darkreading.com/management/cyberark-introduces-privileged-threat-an/240164040

Smart Payment Association (SPA) Sets Out Biometric Payment Card Proposals

Munich, 18th November 2013 – Tackling fraud and extending banking services to previously underserved populations are just some of the benefits Lorenzo Gaston, Technical Director of the Smart Payment Association (SPA), will highlight when he takes the stage on Thursday 21st November 2013 at www.cartes.com to explain why the Time is Now for Biometrics in Financial Services.

The introduction of biometric cardholder verification represents an important step forward for the finance industry, opening the way to eliminating fraud for issuers and cardholders, reducing costs, and providing the additional security and identity verification required to support remote or cross-border transactions.

Gaston will review how today’s proven biometric technologies deliver the security, privacy and performance the financial services industry needs, setting out the SPA position on how biometric Match-on-Card authentication delivers definitive advantages in terms of security and data privacy.

Andreas Strobel, President, SPA said: “The introduction of biometrics authentication would deliver significant benefits in terms of tackling card payment fraud, extending cardholder verification through the introduction of an additional validation factor.

“Adding biometric functionality to an EMV card has the potential to facilitate access to financial services for previously hard to reach populations and opens the way to provisioning a range of services that require a legally accepted digital signature – from subscribing to a new financial service through to proceeding with a mobile commerce transaction or the download and transfer of electronic money.”

Lorenzo Gaston will present the SPA position on biometric cardholder authentication on 21 November at 12.30, during the Biometrics: Privacy and Security Concerns conference track of CARTES 2013.

In support of CARTES activity, the SPA is announcing the availability of a whitepaper on Biometrics for Payment Applications which sets out the SPA vision on financial match-on-card payment and provides a framework of the guiding principles, specifications and best practices required to underpin the expansion of biometrics into financial applications.

Download paper at www.smartpaymentassociation.com.

– Ends –

Note to Editors:

About Smart Payment Association (SPA)

The Smart Payment Association (SPA) addresses the challenges of the evolving payment ecosystem, offering leadership and expert guidance to help its members and their financial institution customers realize the opportunities of smart, secure and personalised payment systems services both now and for the future.

For more information on the SPA, visit our website: www.smartpaymentassociation.com or contact us by email: [email protected].

Article source: http://www.darkreading.com/intrusion-prevention/smart-payment-association-spa-sets-out-b/240164041

4 In 5 Travelers Fear Mobile Use Of Unsecured Public Wi-Fi Exposes Personal Data To Cyberthreats

MOUNTAIN VIEW, Calif. (Nov. 18, 2013) – A striking number of U.S. travelers, while aware of the risks, are not taking the necessary steps to protect themselves on public Wi-Fi and are exposing their data and personal information to cyber criminals and hackers, according to research released today by AnchorFree, the global leader in consumer security, privacy and Internet freedom.

The PhoCusWright Traveler Technology Survey 2013 polled 2,200 U.S. travelers over the age of 18 revealing new insights into travelers’ online behavior and their understanding of cyber risks.

It is estimated that 89% of Wi-Fi hotspots globally are not secure. The increased use of smartphones and tablets to access unsecured public Wi-Fi hotspots has dramatically increased the risk of threats. Travelers were three times more likely to use a smartphone or tablet than a laptop to access an unsecured hotspot in a shopping mall or tourist attraction, two times more likely in a restaurant or coffee shop and one and a half times more likely at the airport.

“In the age of tablets, smartphones and ubiquitous hotspots, many travelers don’t realize that they are unsuspectingly sharing sensitive information with others on public Wi-Fi,” said David Gorodyansky, founder and CEO of AnchorFree, makers of Hotspot Shield VPN. “It’s troubling that while most travelers are concerned about online hacking, very few know how, or care enough, to protect themselves. Looming threats — from cyber thieves to malware and snoopers — are skyrocketing on public Wi-Fi and travelers need to be vigilant in protecting themselves.”

Further to this point, a striking 82% of travelers surveyed reported that they suspect their personal information is not safe while browsing on public Wi-Fi, yet nearly 84% of travelers do not take the necessary precautions to protect themselves online. The top three concerns cited when using public Wi-Fi are the possibility of someone stealing personal information when engaging in banking or financial sites (51 percent), making online purchases that require a credit or debit card (51 percent) and making purchases using an account that has payment information stored (45 percent). Travelers were less concerned about using email or messaging services on public Wi-Fi (18 percent).

“Consumers underestimate their exposure to risks when connecting to public Wi-Fi,” said Robert Siciliano, personal security and identity theft expert. “While credit card fraud is considered a traveler’s most significant risk, consumers should be aware that there are many levels to protecting personal data online – a compromised email account puts other accounts at risk, including credit cards, and provides hackers with a wealth of information they can use to steal your identity.”

Cyber-security threats are not the only issues people face while traveling. Thirty-seven percent of international travelers – which equates to 10 million U.S. travelers annually – encountered blocked, censored or filtered content including social networks (40 percent) such as Facebook, Twitter and Instagram during their trip. Top websites that were also blocked include video and music websites such as Hulu and YouTube (37 percent), streaming services such as Pandora and Spotify (35 percent), email (30 percent) as well as messaging sites such as Skype and Viber (27 percent).

To avoid the threat of hacking and cyber attacks, more than half of travelers (54 percent) try not to engage in online activities that involve personally sensitive information while one in five (22 percent) avoid using public Wi-Fi altogether because they believe their personal information is at risk. Only 16% reported using a VPN such as Hotspot Shield.

About Hotspot Shield

AnchorFree’s award-winning Hotspot Shield VPN, the most trusted VPN service with 150 million downloads, encrypts all Internet communications and prevents hackers from stealing sensitive data while using unsecure Wi-Fi networks. In addition to secure and private browsing, Hotspot Shield VPN provides access to all local Internet content while travelling abroad. Users can increase productivity and remove any browsing limits and stream data freely with the ability to access VPNs on U.S., U.K. or other servers from anywhere in the world.

For a free download of Hotspot Shield, visit: www.hotspotshield.com. Hotspot Shield is available for PC, Mac, iOS and Android. An infographic with survey results is available upon request.

Survey Methodology

The data points referenced above come from a study commissioned by AnchorFree, fielded by PhoCusWright through Global Market Insite, Inc. and conducted as an online survey among a total of 2,203 U.S. travelers. To qualify for participation in the study, respondents were required to:

Have taken at least one leisure trip at least 75 miles from home in the past 12 months that included paid lodging and/or air travel

Have used the Internet to select a destination, compare and choose leisure travel products, book travel or share travel experiences in the past 12 months

Have played an active role in planning their leisure trips in the past 12 months

The error interval for analysis is +/-2.1 percent at a 95% confidence level. Complete results of the survey can be viewed at blog.hotspotshield.com.

About AnchorFree

AnchorFree’s mission is to provide secure browsing, privacy and freedom to the more than 1.6 billion people around the world who are in need of a secure browsing solution or freedom to access internet content. AnchorFree does this through Hotspot Shield, the world’s most popular privacy, security and Web access tool. Hotspot Shield ensures safe, private Web browsing and disrupts censorship of commonly blocked content such as breaking news, social networking and search engines. Hotspot Shield is available for PC, Mac, Apple iOS and Android platforms at www.AnchorFree.com. AnchorFree is a privately held, venture-backed company based in Mountain View, Calif.

Article source: http://www.darkreading.com/end-user/4-in-5-travelers-fear-mobile-use-of-unse/240164042