help
now browsing by tag
Cybersecurity #policymaking is #out of #focus. Bureaucracy #hackers can #help.
Source: National Cyber Security News
The cybersecurity industry is in desperate need of more “bureaucracy hackers” — individuals within federal and state governments who are authorities on the intricacies of policy creation and the nature of today’s rapidly-evolving technology and threat landscapes.
To understand why, look no further than Georgia State Bill 315: Introduced in the Georgia state senate earlier this month, the bill has the entire cybersecurity community shaking its head in disbelief. In short, the bill is modeled after the highly-controversial Computer Fraud and Abuse Act, which makes accessing a network or computer without authorization illegal – even if there is no theft or damage. While many parts of the U.S. government are advancing cybersecurity by adopting industry’s best practices, such as allowing security researchers to identify and disclose vulnerabilities that make us all safer, Georgia is closing the door to these folks.
Sen. Mark Warner’s IOT Improvement Act is another clear example: Drafted and supported by a bipartisan group of senators, the bill aims to protect increasingly “connected” citizens and their homes by introducing a baseline security standard for all internet-connected devices.
In principle, this is exactly the type of legislative action we want to see from lawmakers.
View full post on National Cyber Security Ventures
5 #Reasons Why a #Credit Freeze Isn’t Enough to Help Protect #Against #Identity Theft
Source: National Cyber Security News
When a data breach happens, it’d be great if you could simply prevent identity theft with a credit freeze. The truth is, nothing can prevent identity theft, although there are things you can do to help protect against it.
Still, with identity thieves taking aim at everything from tax refunds to bank accounts, it’s worth asking the question: “Is a credit freeze a good idea?
It can be. But it may not be enough. Here’s why.
When your personal information is exposed in a data breach, you could face a greater chance of becoming a victim of identity theft. More of your information could be out there. And if it is, it might be for sale on the dark web for criminals to acquire.
Consider this statistic: You are 11 times more likely to be a victim of identity fraud if you are notified of a breach. That’s according to the 2017 Identity Theft Study by Javelin Strategy & Research.
No one wants their personal information stolen in a data breach. But if it happens to you, you’ll probably want to do whatever you can to help protect yourself against identity theft.
Read More….
View full post on National Cyber Security Ventures
Cyber Security #breakfasts to help #businesses deal with #security #threats
Source: National Cyber Security – Produced By Gregory Evans
Cyber security is to come under the spotlight as police demonstrate a live hack to encourage businesses to protect themselves.
The safety of the online world is a hot topic with threats from hackers, criminals, activists, terrorists and even disgruntled employees who target vulnerable firms.
Now the North East Cyber Crime Unit (NERSOU) has teamed up with local police forces to host ‘cyber breakfasts’ in a bid to urge businesses to protect themselves against the growing menace of cyber-crime.
Detective Sergeant Martin Wilson from NERSOU, said: “North East businesses are underprepared when it comes to cyber threats, with many having no contingency plans in place for a crisis.
“Whilst it is easy enough to recognise an insecure window or an unlocked door, it is not always as easy to spot that your computer system has been compromised.
“The purpose of these breakfasts is simple, we want to show businesses how they can be vulnerable to a cyber-attack by demonstrating a live hack with the help of Waterstons, an IT consultancy based in Durham.
“This may all sound like doom and gloom but it is not, we can give you the support to defend against these hacks and are offering a free vulnerability assessment service, which can give you an overview of your ICT weaknesses so you can fix them before cyber criminals find them.”
The free events will take place across the region in Durham City, Darlington and Barnard Castle and it will be a chance for businesses to speak to experts in cyber-crime and enable organisations in the North East to come together to share their experiences and learn from best practice.
“Cyber-crime has been on people’s radars for a while now but it is still an evolving global threat and attacks are incredibly disruptive. It is a growing part of the workload of policing in UK,” said DS Wilson whose team has recently expanded to deal with these type of crimes.
“We are a dedicated team of detectives here to protect businesses and members of the public,” he added.
The post Cyber Security #breakfasts to help #businesses deal with #security #threats appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Wall #Street Teams Up to Help Save #Client Data in #Cyber Attack
On Wall Street, backing up data now comes with a code name.
Nearly three dozen banks are leading a group called Sheltered Harbor that’s designed to protect consumers’ access to their data in the event a financial institution is hacked. Banks, credit unions and brokerages representing 400 million accounts — or 70 percent of U.S. retail accounts and 60 percent of U.S. brokerage accounts — have signed up to be part of the effort, which went live earlier this year.
Sheltered Harbor requires members to encrypt their customer account data and store it in a vault that is both survivable and accessible in case of a cybersecurity incident, according to the group’s website. If a breach does occur, the affected bank must retrieve and transmit its data to another financial institution, which can load it onto its core platform. That way customers of the hacked bank can still access their account information.
“The focus is on really trying to protect the consumers’ access to their assets,” Steve Silberstein, chief executive officer of Sheltered Harbor, said in a telephone interview. “We have to continue to make the system safer, and it continues to require some amount of sharing and some amount of cooperation to do that.”
For large global banks, it costs $50,000 to participate in Sheltered Harbor, which helps the firms coordinate responses to a cyber attack. For everyone else, fees are based on the amount of assets each one has and can range from $250 to $25,000, according to the group’s website.
The group was formed in November 2016 and its recent progress was reported Sunday by The Wall Street Journal.
Hamilton Series
Sheltered Harbor is a subsidiary of the Financial Services Information Sharing and Analysis Center — or FS-ISAC. Phil Venables, chief operational risk officer at Goldman Sachs Group Inc., and James Rosenthal, former chief operating officer at Morgan Stanley, are co-chairs of the project, according to a press release from FS-ISAC.
The group was formed after banks participated in an exercise in 2015 that was run by FS-ISAC and the U.S. Treasury Department called the Hamilton Series. The exercise exposed how data breaches could hurt consumer confidence in the financial system, even if the incident occurred at a regional or community bank.
Sheltered Harbor does not hold any of the bank account data. Instead, it has created the standards for joining the group and monitors banks’ adherence to those standards, said Silberstein, who was previously the chief technology officer at Sungard Data Systems Inc.
View full post on National Cyber Security Ventures
National #cybersecurity #strategy can help #Ireland cement its place as an #infosec #hub within #Europe
Source: National Cyber Security – Produced By Gregory Evans Something interesting has happened in the past year: the term ‘cybersecurity’ has finally entered the mainstream. Due to a period of global instability and numerous cyberattacks by actors eager to take advantage of the uncertainty wrought by Brexit and Trump, the issue of cybersecurity has never […]
View full post on AmIHackerProof.com | Can You Be Hacked?
Cybersecurity #Tips to Help #Retailers and #Consumers Stay #Secure During the #Holiday Season
Source: National Cyber Security – Produced By Gregory Evans
It’s time to take advantage of all those holiday specials and spend all your hard-earned bitcoin — er, I mean money — buying gifts for friends, family and, of course, yourself. Many retailers, large and small, online and brick-and-mortar, run holiday promotions as early as September. Gone are the days of waiting until Black Friday or Cyber Monday to take advantage of sales and specials.
The bad guys will be shopping, too — just not for the same items you are. Instead, they will be shopping for your wallet.
It’s true that some cyber Grinches ramp up their malicious activities during the holiday season, perhaps in the form of holiday-specific spam, spear phishing or compromised sites. While increased vigilance is encouraged during this time, there are a number of cybersecurity tips and best practices consumers and retailers should follow throughout the year to help mitigate threats. Having the right controls and awareness in place before the holidays can go a long way during the busy shopping season.
For Retailers: Vigilance Encouraged Throughout the Year
Black Friday and Cyber Monday are heavy shopping days and are likely to remain so for the foreseeable future. However, IBM X-Force research conducted over the past few years revealed that there was no significant uptick in network attacks targeting X-Force-monitored retailers during the traditional holiday shopping period in late November. In fact, last year, the volume of attacks for those two days fell below the daily attack average for retailers.
However, now that the shopping extravaganza lasts for two or more months, it’s possible that this four-day window is too short of a time period to identify notable network attack trends.
So far in 2017, network attacks targeting retail networks were highest in Q2, with June being the most-targeted month. Attacks dropped notably beginning in August and have been steadily declining, with the volume of attacks monitored for October below the monthly average for the year.
Time to celebrate? Not necessarily. In 2016, we observed a notable surge in the volume of attacks targeting retailers in mid to late December. Additionally, malware compromises occurring earlier in the year that have gone undetected can wreak havoc once the busy season commences. In December 2016, a security researcher discovered that nearly 7,000 online stores running Magento shopping cart software were infected with data-stealing skimmer malware capable of logging credit cards and passwords and making them available to attackers as image files for exfiltration.
Furthermore, bad actors do not have to steal anything to wreak havoc on the retail industry. A distributed denial-of-service (DDoS) attack is enough to cost the sector millions. In fact, the average cost of DDoS attack for organizations across all industries rose to over $2.5 million in 2016.
Retailers are encouraged to monitor their networks with increased vigilance during this holiday season. Vulnerable point-of-sale (POS) systems, compromised websites, and targeted spam and phishing campaigns can be costly.
To help keep your security posture strong over this holiday shopping season and all year long, review and implement the recommendations outlined in the IBM report, “Security Trends in the Retail Industry.”
For Consumers: What Cybersecurity Tips Are Missing From Your Repertoire?
Many online consumers have improved their security awareness as media coverage and education opportunities have increased. However, below are a few cybersecurity tips that many consumers likely haven’t thought of.
Assess Convenience Versus Risk
Our digital interactions leave data trails. Finding the right balance between personalization and privacy is the consumer’s responsibility, not just the retailer’s. Many sites have the option to save your card data for future use. While this feature offers convenience to the consumer, the stored data can be stolen via SQL injection attacks or other database compromises — after all, there are billions of leaked records due to misconfigured servers. Always look for the green lock icon in the browser address bar to ensure a secure connection to websites.
Be Wary of Unsuspicious Emails
Criminals have gotten really good at devising phishing lures that are extremely difficult to recognize as fraudulent. Receive an attachment from someone that appears to be in your contact list? Call them to confirm. Order something online? Before clicking the “track package” link in the confirmation email, ensure that it is actually an item you purchased from the correct vendor.
Use Passphrases and Multifactor Authentication
Exercise strong password hygiene by choosing to use a long, easy-to-remember passphrase, such as “ipreferpassphrasesoverpasswords,” instead of complex passwords containing a combination of letters, numbers and special characters. Unfortunately, this is not always an option since many websites now require a password that contains this combination. Use different passphrases for each site. If this seems too daunting, use a password manager. Rather than managing dozens of passphrases on your own, you’ll just have to remember the one key to your digital vault.
Always opt for multifactor authentication when available, and figure out which option is the most secure when choosing a real-time short message service (SMS) text message, an email message or an automated phone call.
Get Creative With Security Questions
When setting up new accounts, opt for security and password reset questions that aren’t public to make it harder for fraudsters to get their hands on your information. For example, don’t use your mother’s maiden name, which could be easily found online. Even answers to opinion-based questions, such as favorite movie, food, etc., can be found on social media. For increased security, lie about your answers or use passphrases as the answers.
Skimmers Abound
By now, you have most likely heard of skimmers being placed on the card readers at gas stations and bank ATMs. A skimmer is a hidden device placed inside the mouth of a payment card reader that is designed to copy your card data for criminals to user later. But what about in-store POS systems? Be on the lookout for suspicious-looking card swiping terminals that could be skimmers, or cash register attendants who seem to swipe your card on two different readers. Maintain this vigilance not only during the holiday season, but all the time, especially if you travel to other countries.
Know Your Card Security Features
Banks and credit card companies have implemented some great security features, such as being able to set limits on the number of times the card can be used within an hour or on the amount that can be spent on one purchase. However, if you’re unaware of these limits for your personal accounts or your phone number is not up to date in your bank profile, you may end up with a declined card.
Cover Your Card
Is the person in line behind you taking a selfie, or is he or she taking a picture of your card as you make a purchase? By obtaining the credit card number, name, expiration date and the card security code or card verification value on the back, an attacker may be able to use the information to make online purchases.
Keep Your Guard Up Year-Round
The holiday season is a great time to take stock of the past year while relaxing and spending time with loved ones, but it’s no time to let your guard down, especially given the increasing sophistication of cybercriminal tactics targeting holiday shoppers and sellers alike. We encourage retailers and consumers to follow best practices not only this holiday season, but also all year long to help mitigate attacks and compromise.
The post Cybersecurity #Tips to Help #Retailers and #Consumers Stay #Secure During the #Holiday Season appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Hackers to #Help Make #Voting #Machines Safe Again
Source: National Cyber Security – Produced By Gregory Evans
Following the recent declaration by the U.S. National Security Agency that Russian hackers tried to infiltrate the electronic voting machines used in the last U.S. presidential election, many people are calling for a lot of things especially for the electronic voting machines to be scrapped. Although the Russians did not succeed, more questions are still left on the table.
Bipartisan bill to secure voting machines
U.S. senators looking for answers have constituted a committee and is hoping to pass a bipartisan bill called the Securing America’s Voting Equipment (SAVE) Act. The bill will enlist help from the Department of Homeland Security to organize an event like the one held at the DEFCON hackers conference in July, themed the “Voting Machine Hacking Village.”
That DEFCON event exposed vulnerabilities in the electronic voting machines used in the last U.S. election. Hackers took less than two hours to break into the 25 voting machines that were brought to the DEFCON conference, and the first machine was penetrated in minutes. The results of the findings released at an event at the Atlantic Council in October was one of the key provocations for the US senators to introduce the SAVE bill.
Interestingly, some of the significant findings after the alleged Russian breach were centered on the use of foreign materials in the production of these voting machines. Hackers at the DEFCON event pointed to the possibility of having malware embedded into the hardware and software along the entire supply and distribution chain. It was also believed that hackers could have tampered with voters’ registration on the touch screen voting machines.
Hackers enlisted to hunt for vulnerabilities in voting machines
Called the “Cooperative Hack the Election Program”, the initiative mirrors the bug bounty programs previously ran by the U.S. Department of Defense (DoD) where friendly hackers were invited to hack the Pentagon, Army and Air Force. The program is set to swing into motion one year after the bill is in play.
The stated objective of the program is “to strengthen electoral systems from outside interference by encouraging entrants to work cooperatively with election system vendors to penetrate inactive voting and voter registration systems to discover vulnerabilities of, and develop defenses for, such systems.”
Just like past U.S. DoD programs, the “Hack the Election” competition will offer incentives for hackers to find security weakness in the election system. Hackers playing by the rules will also be waived from the Computer Fraud and Abuse Act (CFAA) and the Digital Millennium Copyright Act (DMCA).
Hackers to replicate past successes against voting machines
Looking at past results, we can expect excellent outcomes for the new program. The first of these bug bounties was the ‘Hack the Pentagon’ program where hackers found 138 vulnerabilities. This was quickly followed by the ‘Hack the Army’ program which yielded 118 vulnerabilities and ‘Hack the Air Force’ program with a bountiful harvest of 207 vulnerabilities.
While it is not clear if the hacking program is a one-off event, the bill does propose a requirement for integrity audits to be performed every four years on the voting machines starting from 2019. There is also the provision for grants to be given to help states enhance the security of their voting systems.
The post Hackers to #Help Make #Voting #Machines Safe Again appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Main #cybersecurity #management #challenge? People, but simple #tech can help
Source: National Cyber Security – Produced By Gregory Evans Alissa Johnson doesn’t hesitate when asked whether people or technology is the harder-to-crack cybersecurity management challenge. It’s people, the Xerox Corp. CISO told SearchCIO at Gartner Symposium/ITxpo in Orlando, Fla., earlier this month. “You can tell technology exactly what you want it to do, and it’s […]
View full post on AmIHackerProof.com | Can You Be Hacked?
A Student’s #Guide on How to Help #Protect Against #Identity Theft
Source: National Cyber Security – Produced By Gregory Evans
Your college career is supposed to be about finding yourself and forging your identity—not having it stolen. But, in the United States, over 15 million consumers experienced identity fraud in 2016.
There’s a new victim of identity fraud every two seconds, according to the 2017 Fraud Study from Javelin Strategy & Research. Many of those victims could be college students.
The risk you face? A thief who steals your identity can commit crimes in your name or prevent you from getting that coveted job after graduation.
It’s smart to take steps to learn how to help protect yourself against identity theft. This guide can help. Think of it as “How to Help Protect Against Identity Theft 101.”
An identity-theft definition
What is identity theft? Identity theft occurs when someone steals your personal information — such as your name, address, Social Security number, date of birth, and more — and commits fraud in your name.
Criminals may use your personal data to take over your bank account or open new credit cards and run up debt, all while pretending to be you. They might file fake tax returns, buy or rent property, or commit a host of other crimes using your information.
As a college student, you have plenty to do without having to worry about identity theft. But, like a looming final exam, identity theft isn’t going away. Learning how to help protect yourself—and your financial future—is fast becoming a required course.
What’s in ‘A Student’s Guide’
Here’s what you’ll find in this guide:
Facts about identity theft
How students can help protect their identity
How identity theft happens—from low-tech to high-tech techniques
We’ve also included two additional sections:
A Teacher’s Guide on How to Help Protect Against Identity Theft
A Campus Police Officer’s Guide on How to Help Protect Against Identity Theft
Facts about identity theft
Here are two things you should know about identity theft: It’s big and it can affect your future.
How big? Consider these statistics:
In 2016, over 100 million hours were spent by identity fraud victims trying to resolve their issue, according to a 2017 Fraud Study from Javelin Strategy & Research.
22 percent of students found out they had been a victim of identity fraud after being denied credit or contacted by a debt collector, according to a 2015 Identity Fraud Study, released by Javelin Strategy & Research. Also, the study found students were three times more likely to be victims of identity-theft fraud than the general population.
Identity theft and your future
As for your future, you came to college to prepare for it. But if you become a victim of identity theft, you could spend hours, days, or more dealing with the mess. You also may face obstacles to starting a career and becoming financially independent.
That’s because when an identity thief commits fraud in your name, it can become part of your record. Your financial history—including an identity thief’s bogus dealings—will likely appear in your credit file. Credit bureaus store that data, and a credit file showing financial misdeeds can lead to a low credit score. A low credit score can make it hard to qualify for a variety of financial products and certain life necessities.
Lenders and other businesses typically check your credit report before deciding whether to lend you money or make other big decisions involving your future. Here are a few ways a damaged credit file can hurt you.
You may have a hard time getting approved for a credit card or loan.
You may not get a job offer from a potential employer.
You could have trouble renting an apartment.
You may be unable to get a cell phone account.
No one can prevent all identity theft. But you can take steps to help minimize the risk, and those start will helping to protect your personal information.
How students can help protect their identity
As a college student, you probably have personal information in a lot of places — in your computer, cell phone, academic file, wallet, even on the top of your desk. The goal is to protect this information.
Here’s how to help protect against identity theft from happening:
Guard your numbers. You have a lot of them — credit and debit card numbers, driver’s license number, PINs. Your Social Security number is your most valuable identifier and one of the most prized by identity thieves. Share these numbers only when absolutely necessary, and only when there’s a legitimate reason to provide them. It’s a good idea to memorize your important numbers and never leave them in plain view of someone else.
Avoid public Wi-Fi. Public Wi-Fi networks are not secure. That means that when you go to a café to do work on your computer, someone can intercept what you’re looking at on the web. That might include your email, browsing history and passwords. Your defense? It’s always smart to use a virtual private network. A VPN creates an encrypted connection between your computer and the VPN server. As a result, a nearby hacker can’t intercept your information. If you’re tempted to perform a financial transaction—like, buying something on the web—a VPN is essential.
Beware of shoulder surfing. Always be aware of your surroundings. Take time to make sure someone isn’t glancing over your shoulder while you enter your PIN number at an ATM or key in personal information into your cell phone. Think twice about providing a credit card number over the phone if someone is within listening distance.
Don’t overshare. Identity thieves often seek to bundle your personal information. What you post on social networks can be a rich source of information. Identity thieves can glean details from your life that could help answer security questions on websites—like, “Where were your born?” or “What’s your favorite food?”
Keep personal information in a safe place. It’s easy to leave a credit card or driver’s license lying on your desk. But colleges are social places. It’s hard to predict who might pass through your living space and potentially steal the information on those cards. It could be a friend, or a friend of a friend, or an out-of-town guest of your roommate.
Shred documents that contain personal information. A paper shredder may not have the same college appeal as, say, a refrigerator in your room. But it’s essential for shredding papers that include your personal information. For instance, you probably receive credit card offers in the mail. Don’t just toss them in the trash, where someone could retrieve them. Shred them right away.
Protect your computer from malware. Malware—short for malicious software—includes computer viruses and spyware. It can get installed on your computer or mobile device and you might not realize it. Identity thieves use malware to steal personal information and commit fraud. What to do? Install security software from a reputable company. It’s also essential to keep all your software programs up to date. Another precaution: Back up your information in case a hacker corrupts your computer.
Get savvy about online scams. Identity thieves may try to trick you into clicking on links that install malware on your computer. Or they might set up fake websites offering amazing “deals” to lure you into providing your credit card information. Stick with reputable websites. Never click on a link or an attachment from someone you don’t know.
Keep track of your credit history. The federal Fair Credit Reporting Act allows you to get a free credit report from each of the three major credit bureaus annually. This is where you can look to see if anyone has opened an account in your name. If you see something suspicious, you can take appropriate actions. You can get your free reports at annualcreditreport.com.
Use strong passwords on all your devices. A strong password includes letters, numbers and symbols. It’s a good idea to have separate passwords for all your devices, including computer, tablet, and cellphone. Never share your password with someone else. And remember to change it periodically. Or consider using a reputable password manager. A passport manager is a software application with strong security features that manages and stores your passwords.
Mind your bank cards. Notify your bank or credit card company if you misplace your credit or ATM card. They’ll likely cancel your card and send you a replacement with a new number. Usually they will review recent transactions with you to identify any suspicious activity. As a general rule, check your bank and credit card statements regularly to make sure all activity is legitimate.
A Teacher’s Guide to How to Help Protect Against Identity Theft
As a teacher, you could have the opportunity to help protect students from identity theft.
It’s a good idea to familiarize yourself with the information in A Student’s Guide on How to Help Protect Against Identity Theft. It will help you understand how identity theft happens in college. And you can help guide students in how to minimize the risk.
A Teacher’s Guide includes a list of resources that you can share with your students to help them keep their identities safe.
Here’s a checklist of ways you can help.
Encourage students to practice smart online habits. Let students know, for instance, that not all networks on campus may be secure. If your course requires purchasing materials online, remind students to use a secure network or virtual private network (VPN). Discuss the risk of sharing personal information when students work collaboratively on projects.
Help keep your students’ numbers safe. It’s a good idea never to use a student’s Social Security number as official identifier in coursework or assignments. A student’s Social Security number is a key piece of information for identity thieves.
If appropriate, let students know there are key ways to help protect their identity. These range from checking their credit reports for suspicious accounts to never using a library or public computer to provide personal information.
Find out if your college offers any presentations or workshops on identity-theft protection. Keep a list of available resources handy.
Remind students to lock their computers and protect them with strong passwords. In general, students should never leave their computer where someone can snoop for personal information or steal it.
Point students to resources that can help provide additional information related to identity theft. Here are a few good ones:
U.S. Department of Education: Offers identity-theft prevention tips and materials.
U.S. Federal Trade Commission: Includes prevention and recovery tips. Also offers free publications in bulk.
Identity Theft Resource Center: Includes tips for students and parents.
Finally, it’s important to remind students that protecting their identities is important to their college career and future. Your identity is one of your most important assets.
A Campus Police Officer’s Guide on How to Help Protect Against Identity Theft
As a college law enforcement official, you know that your job is to keep the campus safe and secure. Helping students protect themselves against identity theft may be a crucial part of that.
Here’s a check list of things you might do:
Be familiar with A Student’s Guide to Help Protect Against Identity Theft. It will help you understand how identity theft happens in college, and how you can help students minimize the risk.
Encourage safe practices: Consider reminding students that campus theft often involves the loss of personal information—whether it involves a wallet, computer or personal documents.
Consider a policy for protecting lost devices, such as computers and cellphones that have been turned in to the campus police department. Establish a protocol for making sure the devices get back to their rightful owners.
Become an active partner in protecting against identity theft. Develop and distribute materials about what students can do avoid identity theft.
Encourage students to lock their dorm rooms or apartments when they’re away.
Point student to resources that can help provide additional information related to identity theft. Here are three good ones:
U.S. Department of Education: Offers identity-theft prevention tips and materials.
U.S. Federal Trade Commission: Includes prevention and recovery tips and facts about identity theft. Also offers free publications in bulk.
Identity Theft Resource Center: Includes tips for students and parents.
The post A Student’s #Guide on How to Help #Protect Against #Identity Theft appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
How #AI can help you stay ahead of #cybersecurity threats
Source: National Cyber Security – Produced By Gregory Evans
Since the 2013 Target breach, it’s been clear that companies need to respond better to security alerts even as volumes have gone up. With this year’s fast-spreading ransomware attacks and ever-tightening compliance requirements, response must be much faster. Adding staff is tough with the cybersecurity hiring crunch, so companies are turning to machine learning and artificial intelligence (AI) to automate tasks and better detect bad behavior.
What are artificial intelligence and machine learning?
In a cybersecurity context, AI is software that perceives its environment well enough to identify events and take action against a predefined purpose. AI is particularly good at recognizing patterns and anomalies within them, which makes it an excellent tool to detect threats.
Machine learning is often used with AI. It is software that can “learn” on its own based on human input and results of actions taken. Together with AI, machine learning can become a tool to predict outcomes based on past events.
Using AI and machine learning to detect threats
Barclays Africa is beginning to use AI and machine learning to both detect cybersecurity threats and respond to them. “There are powerful tools available, but one must know how to incorporate them into the broader cybersecurity strategy,” says Kirsten Davies, group CSO at Barclays Africa.
For example, the technology is used to look for indicators of compromise across the firm’s network, both on premises and in the cloud. “We’re talking about enormous amounts of data,” she says. “As the global threat landscape is advancing quite quickly, both in ability and collaboration on the attacker side, we really must use advanced tools and technologies to get ahead of the threat themselves.”
AI and machine learning also lets her deploy her people for the most valuable human-led tasks. “There is an enormous shortage of the critical skills that we need globally,” she says. “We’ve been aware of that coming for quite some time, and boy, is it ever upon us right now. We cannot continue to do things in a manual way.”
The bank isn’t alone. San Jose-based engineering services company Cadence Design Systems, Inc., continually monitors threats to defend its intellectual property. Between 250 and 500 gigabits of security-related data flows in daily from more than 30,000 endpoint devices and 8,200 users — and there are only 15 security analysts to look at it. “That’s only some of the network data that we’re getting,” says Sreeni Kancharla, the company’s CISO. “We actually have more. You need to have machine learning and AI so you can narrow in on the real issues and mitigate them.”
Cadence uses these technologies to monitor user and entity behavior, and for access control, through products from Aruba Networks, an HPE company. Kancharla says that the unsupervised learning aspect of the platform was particularly attractive. “It’s a changing environment,” he says. “These days, the attacks are so sophisticated, they may be doing little things that over time grow into big data exfiltration. These tools actually help us.”
Even smaller companies struggle with the challenge of an overload of security data. Daqri is a Los Angeles-based company that makes augmented reality glasses and helmets for architecture and manufacturing. It has 300 employees and just a one-person security operations center. “The challenge of going through and responding to security events is very labor-intensive,” says Minuk Kim, the company’s senior director of information technology and security.
The company uses AI tools from Vectra Networks to monitor traffic from the approximately 1,200 devices in its environment. “When you look at the network traffic, you can see if someone is doing port scans or jumping from host to host, or transferring out large sections of data through an unconventional method,” Kim says.
The company collects all this data, parses it, and feeds it into a deep learning model. “Now you can make very intelligent guesses about what traffic could potentially be malicious,” he says.
It needs to happen quickly. “It’s always about the ability to tighten up the detection and response loop,” he says. “This is where the AI comes in. If you can cut the time to review all these incidents you dramatically improve the ability to know what’s happening in your network, and when a critical breach happens, you can identify and respond quickly and minimize the damage.”
AI adoption for cybersecurity increasing
AI and machine learning are making a significant difference in how fast companies can respond to threats, confirmed Johna Till Johnson, CEO at Nemertes Research. “This is a real market,” she says. “There is a real need, and people are really doing it.”
Nemertes recently conducted a global security study, and the average time it took a company to spot an attack and respond to it was 39 days — but some companies were able to do it in hours. “The speed was correlated with automation, and you can’t automate these responses without using AI and machine learning,” she says.
Take detection, for example: “The median time for detection is one hour,” she says. “High-performing companies typically do this in under 10 minutes — low performing companies take days to weeks. Machine learning and analytics can bring this time to effectively zero, which is why the high-performing companies are so fast.”
Similarly, when analyzing threats, the median time is three hours. High performing companies take just minutes, others take days or weeks. Behavioral threat analytics have already been deployed by 21 percent of the companies surveyed, she says, and another 12 percent says they would have it in place by the end of 2017.
Financial services firms in particular are on the leading edge she says, since they have high-value data, tend to be ahead of the curve on cybersecurity, and have money to spend on new technologies. “Because it’s not cheap.”
When it comes to broader applications of AI and machine learning, the usage numbers are even higher. According to a Vanson Bourne survey released on October 11, 80 percent of organizations are already using AI in some form. The technology is already paying off. The single biggest revenue impact of AI was in product innovation and R&D, with 50 percent of respondents saying the technology was making a positive difference, followed by customer service at 46 percent and supply chain and operations at 42 percent. Security and risk wasn’t far behind, with 40 percent seeing bottom-line benefits.
The numbers are likely to keep going up. According to a recent Spiceworks survey, 30 percent of organizations with more than 1,000 employees are using AI in their IT departments, and 25 percent plan to adopt it next year.
Seattle-based marketing agency Garrigan Lyman Group is deploying AI and machine learning for a number of cybersecurity tasks, including monitoring for unusual network and user activity and to spot new phishing emails. Otherwise, it’s impossible to keep up, says Chris Geiser, the company’s CTO. “The hackasphere is a volunteer army and it doesn’t take much education or knowledge to get started,” he says. “They automated their operations a long time ago.”
AI and machine learning gives the company an edge. Although the company is small — just 125 employees — cloud-based deployment makes it possible to get the latest technology, and get it quickly. “We can have those things up and running and adding value within a couple of weeks,” he says. The Garrigan Lyman Group has deployed AI-enabled security tools from Alert Logic and Barracuda, and Geiser says that he can see the products getting smarter and smarter.
In particular, AI can help tools adapt quickly to a company’s requirements without significant up-front training. “For example, an AI model can automatically learn that for some companies if the CEO is using a non-corporate email address it is anomalous,” says Asaf Cidon, VP of content security services at Barracuda Networks, Inc. “In other companies, it is totally normal for the CEO to use their personal email when they are communicating from their mobile device, but it would not be normal for the CFO to send emails from their personal address.”
Another benefit of cloud delivery is that it’s easier for vendors to improve their products based on feedback from their entire customer base. “Cybersecurity is a lot like neighborhood watch,” Geiser says. “If I didn’t like what I saw on the other end of the block, it tips everyone off that there could be a problem.”
In the case of phishing emails or network attacks, new threats can be spotted when they first show up in other time zones, giving companies hours of early warning. That does require a level of trust in the vendor, Geiser says. “We’ve gone on reputation, references, on a number of different due diligence paths to make sure that the vendors are the right vendors to use, and follow best practices for audit and compliance to make sure that only the right person has access,” he says.
As companies first transition from manual processes to AI-based automation, they look for another kind of trust — in addition to having visibility into the vendors’ operations, it helps to have visibility into the AI’s decision-making process. “A lot of the AI out there right now is this mysterious black box that just magically does stuff,” says Mike Armistead, CEO and co-founder at Respond Software, Inc. “The key in expert systems is to make it transparent, so people trust what you do. That gets even better feedback, and creates a nice virtuous cycle of reinforcing and changing the model as well.”
“You always need to know why it made the decision,” confirmed Matt McKeever, CISO at LexisNexis Legal and Professional. “We need to make sure, do we understand how the decision was made.”
The company recently began using GreatHorn to secure email for its 12,000 employees. “If we start getting emails from a domain that looks similar to a legitimate one, it will flag it as a domain look-alike, and it tells us, ‘We flagged it because it looks like a domain you normally talk to, but the domain header flags don’t look right,’” says McKeever. “We can see how it figured that out, and we can say, ‘Yes, that absolutely makes sense.’”
As the level of trust increases, and accuracy rates improve, LexisNexis will move from simply flagging suspicious emails to automatically quarantining them. “So far, the results have been really good,” McKeever says. “We have high confidence that we’re flagging is malicious email, and we’ll start quarantining it, so the user won’t even see it.”
After that, his team will expand the tool into other divisions and business areas at LexisNexis that use Office 365, and look at other ways to take advantage of AI for cybersecurity as well. “This is one of our early forays into machine learning for security,” he says.
How AI gets ahead of the threat landscape
AI gets better with more data. As vendors accumulate large data sets, their systems can also learn to spot very early indications of new threats. Take SQL injections, for example. Alert Logic collects about half a million incidents every quarter for its 4,000 customers, about half of which are SQL injection incidents. “There’s not a security company in the world that can look at each one of those with a human set of eyes and see if that SQL injection attempt was a success or not,” says Misha Govshteyn, Alert Logic’s cofounder and SVP of products and marketing.
With machine learning, the vendor is not only able to process the events more quickly, but also correlate them across time and geography. “Some attacks take more than a couple of hours, sometimes days, weeks, and in a few cases months,” he says. “Not only are they taking a long time to execute, but also coming from different parts of the Internet. I think these are incidents that we would have missed before we deployed machine learning.”
Another security vendor that is collecting a large amount of information about security threats is GreatHorn, Inc., a cloud-based email security vendor that works with Microsoft’s Office 365, Google’s G Suite, and Slack. “We’re now sitting on almost 10 terabytes of analyzed threat data,” says Kevin O’Brien, the company’s co-founder and CEO. “We’re starting to feed that information into a tensor field so we can start to plot relationships between different kinds of communications, different kinds of mail services, different kinds of sentiments in messaging.”
That means that the company can spot new campaigns and send messages to quarantine, or put warning banners on them days before they’re conclusively identified as threats. “Then we can retroactively go back and take them out of all email inboxes where they were delivered,” he says.
Where AI for cybersecurity is headed next
Looking for suspicious patterns in user behavior and network traffic is currently the low-hanging fruit for machine intelligence. Current machine learning systems are getting good at spotting unusual events in high volumes of data and carrying out routine analysis and responses.
The next step is to use artificial intelligence to tackle more thorny problems. For example, the real-time cyber risk exposure of a company depends on a large number of factors. Those include unpatched systems, insecure ports, incoming spear phishing emails, number of privileged accounts and insecure passwords, amount of unencrypted sensitive data, and whether it is currently being targeted by a nation-state attacker.
Having an accurate picture of its risks would help a company deploy resources most efficiently, and create a set of metrics for cybersecurity performance other than whether the company has been breached or not. “Today, if you were to try to describe your environment, this data is either not being gathered correctly or not being converted into information,” says Gaurav Banga, founder and CEO at Balbix, Inc., a startup that is specifically trying to tackle the problem of predicting the risk of a breach.
AI is key to solving that challenge. “We have 24 different types of AI algorithms,” Banga says. “We produce a bottom-up model, a risk heat map that covers every aspect of the environment, clickable so you can go down and see why something is red. It is prescriptive, so it tells you that if you can do these things, it can become yellow and eventually green. You can ask questions — ‘What is the number one thing I can do now?’ or ‘What is my phishing risk?’ or ‘What is my risk from WannaCry?’”
In the future, AI will also help companies determine what new security technologies they need to invest in. “Most companies today don’t know how much to spend on cybersecurity and how to spend it,” says James Stanger, chief technology evangelist at CompTIA. “I think we need AI to help provide metrics, so that as a CIO turns around and talks to the CEO or talks to the board, and says, ‘Here’s the money we need and here are the resources we need,’ and have the true and useful metrics to justify those costs.”
There’s a lot of room for progress, says Alert Logic’s Govshteyn. “There is very little use of AI in the security space,” he says. “I think we’re actually behind other industries. It’s amazing to me that we have self-driving cars before we have self-defending networks.”
In addition, today’s AI platforms don’t actually have an understanding of the world. “What these technologies are very good at are things like classification of data based on similar data sets that they’ve been trained on,” says Steve Grobman, CTO at McAfee LLC. “But AI isn’t really intelligent. It doesn’t understand the concept of an attack.”
As a result, a human responder is still a critical component of a cyber defense solution. “In cyber security, you’re trying to detect an adversary who is also human and is trying to thwart your detection techniques,” Grobman says.
That’s different from any other areas where artificial intelligence is currently being applied, such as image and speech recognition or weather forecasting. “It’s not like the hurricane is saying, ‘I’m going to change the laws of physics and make water evaporate differently to make it more difficult to track me,’” says Grobman. “But in cybersecurity, that’s exactly what’s happening.”
Progress is being made on that front. “There’s a research area called generative adversarial networks, where you have two machine learning models where one tries to detect something and the other sees if something was detected and tries to bypass it,” says Sven Krasser, chief scientist at CrowdStrike, Inc. “You can use things like that for red teaming, for figuring out what new threats can be.”
The post How #AI can help you stay ahead of #cybersecurity threats appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
D5 Creation