Network Forensics Can Help Your Business Correctly Identify The Source Of A Security Breach.

Enterprise security teams have historically spent most of their time, human resources and money on defenses like firewalls and Intrusion Detection Systems (IDS) to protect and monitor the security of their networks. However, a quick look at the news will tell you that these barriers are far from foolproof. With breaches becoming more common (and costly), enterprise teams are turning to tools that help them respond quickly to security incidents as soon as the attack has been discovered.

Network forensics looks at information such as log data, network flow and packet data to answer the question ‘How did the attackers get in?’. It’s similar to what you would expect a detective to do at a crime scene – look for clues to recreate the crime. The goal of network forensics is to identify the source of the breach faster in order to minimize the resulting damage, and to analyze the attack so that future attacks can be prevented.

The unfortunate truth is that no organization is safe from attack. With that in mind, here are some critical steps every organization should take to prepare for, and react to, a security breach:

1. Preparedness

Employees are sometimes the weakest link in security. It is important that you conduct regular training with employees on basic security best practices such as using strong passwords, how to identify phishing emails, and not plugging unknown devices into work machines.

2. Identification

Automate the process of data collection so that it is easier to investigate and identify security events.

3. Containment

Once a breach has been confirmed, determine exactly how far the problem has spread within the company’s network and minimize further damage by disconnecting affected systems and devices.

4. Eradication

Resolve the root cause of the vulnerability and remove all traces of malicious code. Ensure that the flaw is completely resolved by running penetration tests and looking at server logs again to determine whether other servers and devices might also be susceptible.

5. Recovery

Restore all data and software from clean backup files. Monitor systems for any sign of weakness or recurrence.

6. Lessons learned and remediation

Conduct a thorough post-mortem to analyze the incident and how it was handled. Identify prevention and response processes that can be improved.

Read the full article:
https://www.itproportal.com/features/are-you-ready-for-a-security-breach/

5 Top Pieces Of Advice For CISOs

Most vendors chase trends, forgetting about customer needs for the sake of a technology race. Unfortunately, the main problems for CISOs still lie within the borders of security basics.

New technologies will never bring any value to your company, unless you get your basic security right. While attackers and threats get more sophisticated, the level of security awareness at the board level often leaves much to be desired.

Here are five recommendations that you, as a CISO, can take advantage of to get maximum return on your cyber security efforts:

1. Know Your Assets

Before you start making strategic security plans, it is very important to find out what IT assets and data you have, where they are located and how critical they are.

Lack of visibility prevents organizations from setting the right goals, which means they fail even before they start. The main challenge here is to discover the maximum number of assets within the minimum period of time. There is no one-size-fits-all solution yet, but it may lie somewhere in between an automated data discovery solution enforced with recon techniques (used by hackers to discover subdomains, resources and properties) and hiring a full-time employee responsible for the process.

2. Develop Cloud Security Skills

Start with major decision makers and bring key stakeholders, including CISO, InfoSec and application teams together into one agile group. This will greatly contribute to developing a cloud security strategy and improve cooperation.

The next step involves a mix of new and old technologies. Combine network penetration testing, dynamic application security testing, automated patch management, vulnerability assessment with UEBA and SIEM solutions for cloud services, and cloud access security brokers (CASB). In addition to that, leverage security services offered by cloud providers. This combination of management decisions and technical expertise will greatly add to your security efforts.

3. Focus On Identity Not Perimeter

Network perimeter security is gradually disappearing, giving way to an identity perimeter concept. Your employees can now work remotely from home or on business trips, so your security measures should be adapted accordingly. Set protection of user identity as your ultimate goal and develop a security strategy to support it. Start with multi-factor authentication (MFA), which will allow you to minimize the risk of account hijacking, especially in case of phishing attacks, and with a CASB to intercept and monitor data traffic between your network and cloud platform if you use cloud services. Finally, raise security awareness among employees, so that everyone understands their personal responsibility for data security in the company.

4. Speak the language of C-levels

CISOs would be more successful if they understood that their board of directors speaks the language of money. If you want to convince the C-suite to increase your funds, get ready to talk about business benefits and financial risks. When getting ready for your speech, make sure you can evaluate and explain the following measurements:

  • Baseline: How much money can you afford to lose and what breach probability is acceptable for your company?
  • Situation 1: You have made zero investments. How much money will the company lose in case of a breach? What is the likelihood of a breach in this case?
  • Situation 2: You have made investments. How much money will the company lose in case of a breach? What is the likelihood of a breach in this case?

Before the meeting, calculate the cost of risk reduction measures and be ready to explain in detail how the security team will spend it. Consider a risk assessment solution to articulate a clear plan.

5. Make Compliance Your BFF

Make friends with all the compliance standards your company is subject to. Even if you fall under GDPR compliance, which terrifies companies worldwide, instead of panicking or resisting changes, consider which benefits the GDPR will bring to the business. By following the guidelines, you will dramatically improve security and operations and get impressive perks: advanced data strategies, better privacy policy management, increased KPIs for data security and privacy, increased customer trust and new business opportunities, to name a few.

In conclusion

To survive in 2018 and beyond, CISOs should be aware of security and business risks, be able to prioritize security efforts, and not hesitate to talk money and argue their position. Accept that there is no single technology solution to address all threats and solve all issues at once. You will never be 100% secure, but you can make your company a tough nut to crack.

Read the full article:
https://www.informationsecuritybuzz.com/articles/5-top-pieces-of-advice-for-cisos/

Bluetooth Vulnerabilities

(from Schneier on Security)

A bunch of Bluetooth vulnerabilities are being reported, some pretty nasty.

BlueBorne concerns us because of the medium by which it operates. Unlike the majority of attacks today, which rely on the internet, a BlueBorne attack spreads through the air. This works similarly to the two less extensive vulnerabilities discovered recently in a Broadcom Wi-Fi chip by Project Zero and Exodus. The vulnerabilities found in Wi-Fi chips affect only the peripherals of the device, and require another step to take control of the device. With BlueBorne, attackers can gain full control right from the start. Moreover, Bluetooth offers a wider attacker surface than WiFi, almost entirely unexplored by the research community and hence contains far more vulnerabilities.

Airborne attacks, unfortunately, provide a number of opportunities for the attacker. First, spreading through the air renders the attack much more contagious, and allows it to spread with minimum effort. Second, it allows the attack to bypass current security measures and remain undetected, as traditional methods do not protect from airborne threats. Airborne attacks can also allow hackers to penetrate secure internal networks which are “air gapped,” meaning they are disconnected from any other network for protection. This can endanger industrial systems, government agencies, and critical infrastructure.

Finally, unlike traditional malware or attacks, the user does not have to click on a link or download a questionable file. No action by the user is necessary to enable the attack.

Fully patched Windows and iOS systems are protected; Linux coming soon.

Original Article:
https://www.schneier.com/blog/archives/2017/09/bluetooth_vulne.html

Call Today And Schedule
Your COMPLIMENTARY Technology Checkup!

775.473.9445

Enterprise Mobility Management

Direct Reps = Sales Quotas = Higher Pricing

Common sense tells us that if the salesperson you are working with has a monthly sales quota and makes more money when you spend more money, they will never give you the biggest discount available as it will diminish their income. 

Our mobile technology partners are incentivized to secure the lowest pricing and manage your entire mobility platform for you, as the more they save you, the more they get paid. This is called alignment!


Reduce Cost, Eliminate Hassle, Increase Control, Mitigate Risk
We invite you to learn more about our award-winning enterprise mobility management solutions that help our clients evaluate, implement, optimize and manage their wireless solutions.

  • AUDIT SERVICES
  • SOURCING
  • IMPLEMENTATION
  • EXPENSE & INVENTORY MANAGEMENT
  • HELPDESK & VENDOR MANAGEMENT


Telecom Tylenol Episode 8 – “Down Hard”…Can’t Access My Cloud Applications

Joe Jonovic talks about the headache of not being able to access your cloud based services and/or applications and how to work with SOLUS to design a solution that will eliminate this headache.

Telecom Tylenol is a video blog produced by Joe Jonovic of SOLUS Network Solutions. Every episode provides valuable advice to businesses for the purpose of avoiding or relieving telecom/technology headaches.

Contact Joe at 775.853.3335 or joe@solusns.com

Telecom Tylenol Episode 7 – One Point of Contact

Joe Jonovic talks about avoiding the headache of researching and vetting multiple vendors by taking advantage of the SOLUS single point of contact model.


Telecom Tylenol Episode 6 – Finger Pointing Between Vendors

Joe Jonovic talks about avoiding the headache of finger pointing between your vendors by taking advantage of the SOLUS single point of contact model.


5 Reasons To Take A Fresh Look At Your Security Policy

Evolving ransomware and DDoS attacks, new technology such as IoT, and changing user behavior are all good reasons to revise your security policy.

(from CSO Online)

Today’s advanced persistent threats, new business technologies and a younger workforce have prompted security budgets to shift from breach prevention to detection and response. Those same forces have also motivated many organizations to take a fresh look at their security policies and guidelines – and for good reason.

The Golden Rules For Writing Security Policy:

  • Making sure the process is shared with all stakeholders who will be affected by it
  • Using language that everyone can understand
  • Avoiding rigid policies that might limit business growth
  • Ensuring the process is pragmatic by testing it out

Just because policies are intended to be evergreen doesn’t mean they can’t become stale, says Jay Heiser, research VP in security and privacy at Gartner. Particularly at the standards levels, one level below policy, guidance may need to be updated for different lines of business, or for jurisdictions that may be driven by different regulatory rules or geographic norms. Security and risk experts offer five reasons why companies should take a fresh look at security policies.

Learn more about the 5 reasons you should take a fresh look at your security policy by reading the original article below:

1. Ransomware, DDoS and APTs
2. Cloud, IoT, blockchain and other new technology
3. Changing user behavior
4. Security fatigue and lax enforcement
5. Some policy elements are obsolete

Original Article:
https://www.csoonline.com/article/3209160/security/5-reasons-to-take-a-fresh-look-at-your-security-policy.html?upd=1517938107174

Telecom Tylenol Episode 5 – 4 Phone Calls To Solve 1 Telecom Problem

Joe Jonovic talks about avoiding the headache of having to make 4 phone calls to solve 1 telecom problem by taking advantage of the SOLUS single point of contact model.


Telecom Tylenol Episode 4 – Local Phone Company Customer Service Unacceptable

Joe Jonovic talks about avoiding the headache of having to deal with your local phone company’s poor customer service when you have a billing or service related issue.