changes

now browsing by tag

 
 

#cybersecurity | #hackerspace | Key Changes in the AG’s Updated Proposed CCPA Regulations

Source: National Cyber Security – Produced By Gregory Evans The California Attorney General released an update to its proposed California Consumer Privacy Act Regulations, and companies have until 5 pm PT on February 24 to submit comments on this updated draft. Key changes include:  Definitions Clarifying that to qualify as personal information (“PI”), information must be maintained […] View full post on AmIHackerProof.com

Big Changes Are Coming to Security Analytics & …

Source: National Cyber Security – Produced By Gregory Evans

New ESG research points to fundamental problems, a need for scalable security data pipelines, and a migration to the public cloud.

ESG research recently completed a new research project focused on security analytics and operations. As part of this project, ESG surveyed 406 IT and security professionals working at midmarket and enterprise organizations in North America across all industries. Based on the research results, we came to the following conclusions:

Security analytics and operations continue to grow more difficult. 
Nearly two-thirds (63%) of survey respondents claim that security analytics and operations are more difficult today than they were two years ago. This increasing difficulty is being driven by external changes and internal challenges. From an external perspective, 41% of security pros say that security analytics and operations are more difficult now due to rapid evolution in the threat landscape, and 30% claim that things are more difficult because of the growing attack surface. 

Security teams have no choice but to keep up with these dynamic external trends. On the internal side, 35% of respondents report that security analytics and operations are more difficult today because they collect more security data than they did two years ago, 34% say that the volume of security alerts has increased over the past two years, and 29% complain that it is difficult to keep up with the volume and complexity of security operations tasks. Security analytics/operations progress depends upon addressing all these external and internal issues.

The security data pipeline dilemma: More data, more problems
Just under one-third (32%) of organizations collect substantially more data to support cybersecurity analytics and operations today than they did two years ago, while 44% collect somewhat more security data. Furthermore, 52% of organizations retain this data online for longer periods of time than they did in the past. The volume of real-time and historical security data creates massive data repositories that are costly and difficult to manage. Security analysts commonly offer a complaint worthy of Yogi Berra: “We have so much security data that we can’t find anything we’re looking for.”

Traditional on-premises SIEM is an incomplete solution. 
A full 70% of organizations continue to anchor their security analytics and operations with security information and event management (SIEM) systems. Despite this central role, security operations center (SOC) teams now surround the SIEM with additional tools for threat detection/response, investigations/query, threat intelligence analysis, and process automation/orchestration. This raises the question: If SIEM is essential to security analytics and operations, why do organizations need so many tools? 

The research reveals that while SIEM is good at discovering known threats and generating security and compliance reports, it’s not well suited for detecting unknown threats or other security operations use cases. What’s more, 23% of security pros say that SIEM platforms require lots of personnel training and experience, and 21% believe that SIEM requires constant tuning and operational overhead to be useful. SIEM isn’t going away, but it needs help.

Staffing and skills shortages remain ubiquitous. 
Three-quarters of survey respondents agree that the cybersecurity skills shortage has affected security analytics and operations at their organizations. Can’t CISOs simply hire their way out of this situation? It’s not that easy: 70% of security pros say that it is extremely difficult or somewhat difficult to recruit and hire SOC personnel. Organizations are addressing the skills gap by turning to managed services. Seventy-four percent of organizations use managed security services (for security analytics and operations) today, and 90% plan on increasing their use of managed security services in the future. When it comes to the SOC, it seems that no one can go it alone anymore. 

Security analytics and operations technologies are migrating to the public cloud. 
In the past, CISOs preferred the hands-on control of on-premises security analytics and operations technology, but this is no longer true. The research indicates that 41% of organizations prefer cloud-based security analytics and operations technologies while another 17% are willing to look at cloud-based security analytics and operations technology options on a case-by-case basis. 

Why move to the cloud? The most obvious reason is to avoid the cost and complexity of an on-premises security analytics and operations infrastructure (i.e., deployment and ongoing operations of data collectors/processors, load balancers, servers, storage devices, etc.). Interestingly, some progressive organizations believe that scalable, burstable cloud-based processing and storage resources can provide analytics opportunities they simply can’t achieve with homegrown on-premises efforts. This is particularly true with the application of machine learning algorithms on massive security data sets.

Based upon this research, ESG has four recommendations for CISOs and security professionals:

  1. CISOs must address SOC deficiencies with long-term and comprehensive strategies that can improve security efficacy, bolster operational efficiency, and support business objectives. Tactical tweaks won’t do.
  2. Large organizations should understand that security analytics and operations is a big data application. This demands that security teams have appropriate data management skills so they can build and operate security data pipelines at scale.
  3. CISOs must plan for cloud migration so they can create a security operations and analytics platform architecture (SOAPA) that helps them prevent, detect, and respond to security incidents across hybrid IT infrastructure. “Lift-and-shift” should be viewed as a starting, not an ending, point. 
  4. To address the scale and scope of security operations along with the ongoing cybersecurity skills shortage, SOC managers must lean on artificial intelligence, security process automation, and managed services moving forward. Once again, CISOs need a detailed plan on how these elements will augment the SOC staff, supplement and improve SOC processes, and better safeguard critical business assets. 

Related Content:

Jon Oltsik is an ESG senior principal analyst, an ESG fellow, and the founder of the firm’s cybersecurity service. With over 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help … View Full Bio

More Insights

Click here for the Source link

The post Big Changes Are Coming to Security Analytics & … appeared first on National Cyber Security.

View full post on National Cyber Security

6 Changes To Make In Your Dating Life During App-less April, A Month Without Dating Apps

Whether dating apps are causing a “dating apocalypse” or are merely the easiest way to get a date, there’s no denying these tools have been total gamechangers in the dating scene within the last few years. And even though dating apps are most popular among millennials, according to a recent Bustle survey with dating app Happn of over 1,000 dating app users, 78 percent of women and 85 percent of men still want to meet people IRL. Read More….

The post 6 Changes To Make In Your Dating Life During App-less April, A Month Without Dating Apps appeared first on Dating Scams 101.

View full post on Dating Scams 101

Wife Sees Husband Cheating On Tinder, Then She Changes His Profile As Revenge

One wife picked up her husband’s phone and noticed the Tinder dating app logo appear as a notification. She realized her husband was using the online dating matchmaker to cheat on her. The scorned wife made a few changes to his profile to let the world know exactly who he really was. The husband was identified as a man named 29-year-old Mike. Not only were the profile photos changed to less flattering ones, but his brief biography was rewritten to be less than flattering. Read More….

The post Wife Sees Husband Cheating On Tinder, Then She Changes His Profile As Revenge appeared first on Dating Scams 101.

View full post on Dating Scams 101

Child advocacy group calls for changes to abuse laws in Pa.

A child advocacy group is calling for changes to child abuse law in Pennsylvania.

Cathleen Palm, founder of The Center for Children’s Justice in Jefferson Township is speaking out after a 2-year-old girl in Berks County died of pneumonia.

Authorities say the girl’s parents, Jonathan and Grace Foster, did not seek medical attention when the girl became sick because their religious beliefs forbids any medical intervention.

According to court documents, the parents told investigators the girl’s death was God’s will.

The Fosters are charged with involuntary manslaughter and endangering the welfare of children.

Palm says drawing the line between religion and parenting is difficult.

“I think we all want parents to be able to parent their children, we want people to be able to subscribe to their religious beliefs,” Palm told 69 News.

Read More

The post Child advocacy group calls for changes to abuse laws in Pa. appeared first on Parent Security Online.

View full post on Parent Security Online

Wife Finds Cheating Husbands Profile And Makes Savage Changes

Nobody likes a cheat, especially in the old love game. This guy, known as Mike, has gone pretty viral, not just because he cheated, but also because his wife caught wind of his antics and updated his Tiner profile appropriately. The full bio reads: “Hey my name is mike I’m married with two kids. I have a tiny d**k that is sti infested. My wife found my profile if you can’t tell and I don’t know yet that she’s talking on the phone right now with one of my girls and is leaving me. Read More….

The post Wife Finds Cheating Husbands Profile And Makes Savage Changes appeared first on Dating Scams 101.

View full post on Dating Scams 101

KSU student allegedly hacks Owl Express, changes grades

image1

Source: National Cyber Security – Produced By Gregory Evans

KSU student allegedly hacks Owl Express, changes grades

A former Kennesaw State University student is in police custody for allegations hacking into Owl Express to change grades.
According to The Atlanta Journal-Constitution, Chase Hughes turned himself in to the Cobb County Sheriff’s Office on Monday, Sept. 19.
Hughes

The post KSU student allegedly hacks Owl Express, changes grades appeared first on National Cyber Security.

View full post on National Cyber Security

#DontEraseIndia Campaign: Curriculum Changes Would Hurt Hindu Students – Curriculum Matters – Education Week

The Hindu American Foundation says proposed changes to California’s history framework erase or misrepresent India and Hinduism.

View full post on Education Week: Bullying







#pso #htcs #b4inc

Read More

The post #DontEraseIndia Campaign: Curriculum Changes Would Hurt Hindu Students – Curriculum Matters – Education Week appeared first on Parent Security Online.

View full post on Parent Security Online

Ingenious kid hacks his parents’ phones so that the word ‘no’ automatically changes to ‘hell yes’ – before asking them if he can throw a party

Source: National Cyber Security – Produced By Gregory Evans

At first glance it might seem like the young man in this post has the coolest parents ever – parents who not only give the go-ahead for him to have a party, but consent with an emphatic ‘hell yes!’ But things aren’t quite what they seem. According to a recent post on Imgur/Reddit, prospective party host Brendan – under the username nasshole – managed to hack his parents’ phones in order to guarantee that he would get the ‘yes’ from his mom and dad in order to throw the bash. ‘Added a shortcut to parents’ phone every time they type “no”,’ explained the original poster of the text conversation. In a screenshot of a group conversation, the creative kid asks: ‘Hey guys can I throw a party tmrw night. [sic]’ From there, hilarity and confusion ensues, as the boy has programmed his mother’s phone to autocorrect the word ‘no’ to something else entirely. ‘HELL YES, [sic]’ is the response that comes from Brendan’s mom. But something isn’t quite right, so she tries again. ‘Wait,’ she writes. ‘I typed HELL YES. [sic]’ The confused mom is soon backed up by Brendan’s father Jim, whose cell phone has similarly lost the ability to type […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Ingenious kid hacks his parents’ phones so that the word ‘no’ automatically changes to ‘hell yes’ – before asking them if he can throw a party appeared first on National Cyber Security.

View full post on National Cyber Security