Cyber Defense eMagazine March 2020
Data Protection Day 2020: De-Risking in The Era of Transparency
Building Your Cyber Talent Pool Early In 2020
Why Zero Trust Isn’t So Trustworthy
Devops ― Are You Risking Security for Agility?
Time Is of The Essence
Analysing Data Using the Intelligence Cycle: An Overview
…and much more…
CONTENTS
Welcome to CDM’s March 2020
Data Protection Day 2020: De-Risking in The Era of Transparency
By Daniel Fried, General Manager (GM) and Senior Vice President (SVP), EMEA and Worldwide Channels, Veeam
How The Cybersecurity Industry Can Stop Shooting Itself In The Foot And Solve The Skills Gap
By Rene Kolga, Head of Product, Nyotron.
Building Your Cyber Talent Pool Early In 2020
By Karl Sharman, Vice-President, BeecherMadden
The Importance of Cybersecurity Education in The Workplace
By Aman Johal, Lawyer and Director of Your Lawyers
Be Wary of Cybercriminals This Valentine’s Day
By Claire Umeda, Vice President of Marketing, 4iQ
The Benefits And Risks Of Modernizing Voting Technology
By Jenna Tsui, Freelance Writer
Why Zero Trust Isn’t So Trustworthy
By Benny Lakunishok, CEO and co-founder of Zero Networks
Mastering Automation to Solve Data Security for Healthcare Practices
By Anne Genge, CEO, Alexio Corporation
Devops ― Are You Risking Security for Agility?
By Morey Haber, CTO & CISO, BeyondTrust
Juggling Your Clouds
By Cameron Chehreh, Chief Technology Officer, Dell Technologies Federal
Time Is of The Essence
By Filip Truta, Information Security Analyst, Bitdefender
Drowning in A Sea of Threat Data? Consider A Curator
By Rodney Joffe, Senior Vice President, Senior Technologist and Fellow, Neustar
Analysing Data Using the Intelligence Cycle: An Overview
By Alan Blaney Managing Director of Focus Training
Cyber Defense and Cultural Heritage
By Milica D. Djekic
Tax Season Is Here. So Are the Scams.
By Eric H. Perkins, Sr. Security Risk Analyst, Edelman Financial Engines
Predicting the Direction of The PAM Market In 2020
By James Legg, President and CEO, Thycotic
Malware - A Cyber Threat for 2020
By Pedro Tavares, Founder of CSIRT.UBI & Editor-in-Chief seguranca-informatica.pt
VPNs - 2020 And Beyond
By Sebastian Schaub, Founder and CEO, hide.me
The Gap in Security - Data Centric Security
By Eric Rickard, CEO, Sertainty Federal Systems
A View of How DDOS Weapons Evolved In 2019
By Anthony Webb, EMEA Vice President at A10 Networks
Network Security Must Keep Up with Video Surveillance Systems’ Rise in Criticality to Public Safety and Security in The Middle East
By Rabih Itani, the Middle East region security business head at Aruba, a Hewlett Packard Enterprise company
Shadow Iot Devices A Major Concern for Corporate Networks
By Ashraf Sheet, Regional Director Middle East & Africa at Infoblox
The Hard Drive Secondary Market: The Sorry State of The Industry
By James Mannering, Hard Drive Product Manager at NextUse
Smart Buildings
By Andrea Carcano, Nozomi Networks Co-founder and CPO
What the Latest Enterprise Endpoint Security Survey Shows Us: Big Concerns but Hope for The Future
By Jeff Harrell, Vice President of Marketing, Adaptiva
From the Publisher…
New CyberDefenseMagazine.com website, plus updates at CyberDefenseTV.com & CyberDefenseRadio.com
Dear Friends,
On the heels of our very successful participation in the just-concluded RSA
Conference 2020, we are now positioned to take the next steps in our development
plans for Cyber Defense Magazine and the Cyber Defense Media Group.
As we had projected, we are now delighted to confirm completion of our InfoSec
Awards for 2020, as well as our program of interviews, which are now live on
https://www.cyberdefensetv.com and https://www.cyberdefenseradio.com. They include active
participation by market leaders, innovators, and others offering some of the best solutions for cyber
security in the global marketplace.
Our team of over 20 professionals will be returning home to consolidate and evaluate the substantive
information and perspectives of the many RSA Conference participants who are now becoming more
active with our organization.
In this March 2020 issue of Cyber Defense Magazine, and going forward the year, we continue to bring
you thoughtful and valuable articles by industry leaders.
It is both a pleasure and an honor to bring our readers and subscribers this new issue, and to look forward
with great anticipation to serving you in the future.
Warmest regards,
Gary S. Miliefsky, CISSP®, fmDHS
CEO, Cyber Defense Media Group
Publisher, Cyber Defense Magazine
P.S. When you share a story or an article or information about CDM, please use #CDM and
@CyberDefenseMag and @Miliefsky – it helps spread the word about our free resources even
more quickly.
CYBER DEFENSE eMAGAZINE
Published monthly by the team at Cyber Defense Media Group and
distributed electronically via opt-in Email, HTML, PDF and Online
Flipbook formats.
InfoSec Knowledge is Power. We will
always strive to provide the latest, most
up to date FREE InfoSec information.
From the International Editor-in-Chief…
Based on reported developments of the past month, as well as
some of the excellent information shared at the 2020 RSA
Conference, we continue to observe and discuss the challenges of
conducting effective cybersecurity measures in the international
environment.
One theme seems to stand out in this marketplace of ideas:
“Compliance does not assure security.” From my perspective, this
means that all the efforts to secure compliance with the many
legal and regulatory provisions will still not result in an effective
cybersecurity program without implementing a results-oriented
protocol.
In particular, the continuing (even accelerating) proliferation of
standards and regulations adopted by different jurisdictions, from
supranational to State and local governments, places a great onus
on organizations with multi-jurisdictional operations. In case this
does not sound an alarm, it affects all but the smallest local
businesses.
We will continue to study and seek input from those who are most
knowledgeable in this field, and will endeavor to share them with
our readers as they come to light. At Cyber Defense Magazine, we
are grateful for our writers and sponsors for sharing their
expertise with our staff and readers.
We invite you to read and consider the thoughtful presentations
in this issue. As always, we welcome your comments on your own
experiences in dealing with the growing complications in
international cybersecurity practice.
To our faithful readers, we thank you,
Pierluigi Paganini
International Editor-in-Chief
PRESIDENT & CO-FOUNDER
Stevin Miliefsky
stevinv@cyberdefensemagazine.com
INTERNATIONAL EDITOR-IN-CHIEF & CO-FOUNDER
Pierluigi Paganini, CEH
Pierluigi.paganini@cyberdefensemagazine.com
US EDITOR-IN-CHIEF
Yan Ross, JD
Yan.Ross@cyberdefensemediagroup.com
ADVERTISING
Marketing Team
marketing@cyberdefensemagazine.com
CONTACT US:
Cyber Defense Magazine
Toll Free: 1-833-844-9468
International: +1-603-280-4451
SKYPE: cyber.defense
http://www.cyberdefensemagazine.com
Copyright © 2019, Cyber Defense Magazine, a division of
CYBER DEFENSE MEDIA GROUP (a Steven G. Samuels LLC d/b/a)
276 Fifth Avenue, Suite 704, New York, NY 10001
EIN: 454-18-8465, DUNS# 078358935.
All rights reserved worldwide.
PUBLISHER
Gary S. Miliefsky, CISSP®
Learn more about our founder & publisher at:
http://www.cyberdefensemagazine.com/about-our-founder/
WE’RE TURNING A CORNER INTO
8 YEARS OF EXCELLENCE!
Providing free information, best practices, tips and
techniques on cybersecurity since 2012, Cyber Defense
magazine is your go-to-source for Information Security.
We’re a proud division of Cyber Defense Media Group:
CYBERDEFENSEMEDIAGROUP.COM
Welcome to CDM’s March 2020
From time to time, it’s necessary to look back in order to go forward with confidence. In our March issue,
you will notice a few articles that may seem out of place – mainly because they refer to dates or
celebrations which have already passed. The point is that annual recognition may emphasize a once-a-year
focus on a particular event or concept, but the thrust of that recognition must be maintained all year
long in order to reach the desired outcome.
Two examples in this issue are the 14th edition of Data Protection Day, which was celebrated globally on
28 January 2020, and Valentine’s Day, celebrated on February 14th. Both of these dates are past, and
the celebrations complete for this calendar year. However, we are well advised to pay attention to the
admonitions in the two articles in this issue on the respective topics.
In this issue, we also continue analyzing and projecting the needs and fulfillment of the market for
cybersecurity professionals. In an age of questionable ROI on the cost of many academic degrees and
certifications, cybersecurity stands out as an exception to the trend of graduating with burdensome debt
and finding the job market will barely provide enough income to live while retiring student debt.
Another leading topic now and continuing over the next several months is election technology and
security. No other cyber application is so intimately involved with our very democracy as the integrity of
the voting process. Even paper-and-pencil/pen solutions are subject to manipulation in the collection,
storage, transmission, and interpretation of election results.
With over 5 million individual inquiries per month, CDM maintains its position as the leading publication
for cybersecurity professionals.
Wishing you all success in your cyber security endeavors,
Yan Ross
US Editor-in-Chief
Cyber Defense Magazine
About the US Editor-in-Chief
Yan Ross, J.D., is a Cybersecurity Journalist & US Editor-in-Chief for Cyber
Defense Magazine. He is an accredited author and educator and has
provided editorial services for award-winning best-selling books on a
variety of topics. He also serves as ICFE's Director of Special Projects,
and the author of the Certified Identity Theft Risk Management Specialist
® XV CITRMS® course. As an accredited educator for over 20 years, Yan addresses risk management
in the areas of identity theft, privacy, and cyber security for consumers and organizations holding sensitive
personal information. You can reach him via his e-mail address at
yan.ross@cyberdefensemediagroup.com
Data Protection Day 2020: De-Risking in The Era of Transparency
By Daniel Fried, General Manager (GM) and Senior Vice President (SVP), EMEA and Worldwide Channels, Veeam
The issue of data protection and privacy was, until recently, a conversation confined to a specific group
of people within an organisation. Unless you were an IT consultant or a corporate lawyer, privacy
compliance was something somebody else took care of. So, how have we reached the point where many
organizations are bound by law to employ a Data Protection Officer (DPO)? Why are CEOs now so
interested in their company’s data protection and privacy policies?
You could be easily fooled into thinking data privacy as a field has only existed since 2018, but nothing
could be further from the truth. From an anthropological perspective, human beings have longed for
privacy for over 3,000 years. The use of internal walls within buildings which started to become
commonplace in 1500 AD proves this. The concept of the ‘right to privacy’ as we know it is indeed younger
– eventually being formalised as an international human right in 1948. Sweden became the first country
to enact a national data protection law in 1973. Even this, the first tangible effort to regulate data privacy,
happened in response to public concern over the increasing use of computers to process and store
personal information.
While our understanding of the current data privacy conversation must operate within this context, there
is no denying that 2018 was a watershed moment. The General Data Protection Regulation (GDPR) may
be less than two years old, but its impact has been significant. As well as its very specific nature which
makes the regulation enforceable, GDPR regulators have not been frightened to flex their muscles. To
date, it has collected almost €429 million in fines – serving as a constant reminder to any business
processing the data of European citizens that there are penalties for not adhering to data privacy
requirements.
The privacy skills gap
As well as providing a clearer framework for appropriate data handling practices, GDPR has made data
protection and privacy more about people. Rather than talking in terms of technical standards and
software requirements, it is based on fundamental citizens’ rights and how people within an organization
can uphold them. One of the most specific lines of the GDPR is Article 37, which states that certain
companies must appoint a Data Protection Officer to be compliant. More specifically, this applies to any public
authority, or to a company whose core activities require large-scale monitoring of individuals or consist of
large-scale processing of criminal data.
Wherever appointing a DPO is not required under GDPR, it is advised as best practice for companies
who need to ensure they have the right data processes in place. Given that the latest Veeam Cloud Data
Management report shows that organizations across multiple industries will spend an average of $41
million deploying technologies to boost business intelligence, experienced DPOs have become hot
property. In 2018, when GDPR was passed, as many as 75,000 vacancies for DPOs needed to be filled
– with Europe and the USA accounting for around 28,000 of these roles.
Especially during this period of transition, organizations across the board must foster a culture of
transparency in terms of how data is used. Not every person in the business can be a data protection
expert, but all employees must appreciate and understand the basic principles. Furthermore, while the
ownership of GDPR compliance lies with the DPO, the buck ultimately stops with the CEO. Data
protection is a business conversation as well as a technology one. With that said, businesses must have
an IT strategy in place which enables solid data protection practices.
Minds over matter
Veeam research shows that three-quarters of IT decision makers globally are looking to Cloud Data
Management as a means of creating a more intelligent business. Cloud Data Management brings
together disciplines such as backup, replication and disaster recovery across an organization’s entire
cloud and data management provision. It ensures that data is always available, recoverable and
protected at all times. But like data privacy, IT is a people industry too. In a world where businesses need
to protect their data more than ever before, CEOs, CIOs and DPOs alike are looking for trusted partners
to help de-risk their data management. This support may take the form of configuring data management
systems, providing technical training for administrators, or basic data privacy training for end-users.
Data Protection Day is an appropriate time for us to reflect on how we use and view data.
Moreover, as we begin a new decade, it’s an apt moment to acknowledge that we are still in the midst of
transformation. The impact of GDPR will continue to be profound as businesses adapt to its demands
and its enforcers become less patient with those who fail to comply. More fines and reputational damage
will only add to the demand for DPOs – people with the expertise and appetite to take on the data privacy
challenges of an organization. While investing in technologies like Cloud Data Management will be
fundamental to the DPO’s strategy, privacy is now a people business. Therefore, the shrewdest
investments will be in trusted partners who can guide people at every level of the organization through
the rigours of remaining compliant and help create an authentic culture of data transparency.
About the Author
Daniel Fried is General Manager and Senior Vice President EMEA.
In this position he oversees the strategic direction of the EMEA
organization and expansion across all segments and all
geographies, drives the partner ecosystem and increasing growth in
emerging markets.
Daniel can be reached online at (Daniel.fried@veeam.com) and at
our company website https://www.veeam.com/
How The Cybersecurity Industry Can Stop Shooting Itself In The Foot And Solve The Skills Gap
By Rene Kolga, Head of Product, Nyotron.
It’s no secret that enterprises struggle to find the skilled personnel they need to properly secure their IT
systems and protect sensitive information like intellectual property, personally identifiable information (PII)
and protected health information (PHI). The cybersecurity industry needs to understand that this talent
shortage is, to some extent, self-inflicted. Whatever the causes, we as an industry need to figure out a
solution before it comes back to haunt us more than it already has.
One cause is the fact that companies want to hire candidates with the “perfect” mix of experience and
skills in the industry. However, in a field that is still evolving and growing exponentially, this has become
virtually impossible.
That’s not to say the challenge is the same across the entire industry or even across different locations.
In some regions such as Silicon Valley, the pool of candidates is obviously larger, so it may be easier to
put up an ad for a security analyst role and have it filled with a quality applicant in no time. However, the
same thing isn’t likely to happen if you’re trying to fill a similar role in Montana, for example.
So, how do we force the industry to evolve, as so many other fields have transformed in the past? The
first step, as with most programs, is acceptance. The industry needs to accept that there is a hiring
problem.
Here are some strategies that organizations should consider when grappling with the cybersecurity skills
gap:
Strong Leadership and Sense of Purpose
There are probably a million different overused expressions when it comes to leadership, including “Lead
by example” and “A leader is nothing without his or her team.” However, there’s one good one that
perfectly encapsulates the reality of the situation: “Employees don’t leave a job; they leave a manager.”
Next to money, culture is probably the top factor most people value when looking for a new job. This
culture directly stems from the leaders in charge. If managers aren’t providing acceptable vision and
motivation or treating their employees with respect, they’re going to have high turnover rates.
Beyond the basic idea of “treating others as you would like to be treated,” the cybersecurity industry
should consider itself part of the same category as police officers or doctors. That might sound strange,
but when you think about it, what do all three have in common? The idea of wanting to do good in the
world. Employers should provide a clear and transparent mission statement about the company’s
purpose and articulate how security personnel leads the charge in protecting the organization and its
employees and customers, making the world a safer place.
Finally, employees want to know that they're valued and that their bosses are willing to invest in them.
Paying for employees to go back to school, attend credited webinars, or speak at cybersecurity
conferences (like a local BSides event) is a great way to demonstrate that the company wants its
workforce to grow their skills.
Pay Up and Recruit Better
One of the biggest factors in the job search process is compensation. Of course, this isn’t college sports;
there isn’t a debate about whether or not security personnel should be paid. However, there is significant
confusion and disagreement on how much to pay infosec employees. But make no mistake: underpaid
employees won’t last long. The reality is that we live in a world where the concept of supply and demand
reigns supreme. With so many unfilled jobs, companies need to bump up the pay for these roles in order
to fill them. On the bright side, higher salaries will incentivize students to switch their focus from
engineering or computer science to cybersecurity, leading to more potential applicants.
The recruiting problem isn’t limited to the cybersecurity industry, but it’s one we see time and time again.
A company will post an overly specific job advertisement that limits the potential talent pool. Sure, if you
find a hire this way, you’ll probably get exactly what you wanted. But it prolongs the process and wastes
your time. Instead, open up the pool. Write up an ad that identifies your minimum requirements and start
the interview process.
Also, headhunting is becoming antiquated. Many companies offer an internal employee referral program,
compensating workers for each successful hire they recommend. Even if this compensation is $10,000,
an outside recruiter is likely to charge you double or triple that. By sticking to an internal referral program,
you’re getting recommendations from people you trust to know what your skill requirements are.
Upskill Internally
Until recently, cybersecurity was not an accredited major at many universities. Think about the
percentage of engineers or computer science majors in the workforce that did not have the option to
study cybersecurity in school. It’s much easier to train those that have relevant industry experience than
it is to train a recent graduate with a cybersecurity degree. Heck, it’s even possible to train employees in
roles you wouldn’t necessarily associate with cybersecurity. Think of the natural transition from Customer
Support to level one security analyst. They’re still taking support calls and guiding customers through
solutions, only this time with a dash of cyber added in. Similarly, your IT administrator has a lot of the
necessary, hands-on knowledge that you so desperately need on the security team, combined with an
in-depth understanding of your environment. Perfect background for a threat hunter or an analyst.
By implementing a culture where you upskill internally, you might find the talent you didn’t even know you
had. The right resources might be just one week-long bootcamp away. Overall, internal upskilling probably
offers the fastest path to closing your security team human resources gap.
Other, Longer Term Solutions
● Start ‘Em Young: Once you’ve thrown the incentive of a great salary on the table, you’ll have
plenty of younger applicants willing to make the leap into cybersecurity. Enterprises need to
capitalize on this and hold job fairs at universities to ensure they’ll have a steady stream of young
talent applying.
● Diversity: Don’t just focus on hiring security majors, and make sure your security staff doesn’t
look like clones. Consider hiring veterans that have plenty of experience working through a crisis,
or communications majors who can help security staff work with the internal PR team or media
when needed.
● Get Involved in the Community: The cybersecurity community is a close-knit one. Employees
that attend extra classes or industry events have a better chance of improving their skills by
sharing war-stories and learning tips they never would’ve thought of, than those who treat the job
like a 9 to 5. If you have sufficient internal resources, consider hosting a security MeetUp.
While these solutions aren't going to have the most immediate impact on your organization, in the long run
they'll help foster a more positive and efficient environment that your employees will want to work for.
Solving the Problem
These are just a few strategies that enterprises should consider when hiring security staff. Obviously,
every organization is different and one solution does not fit all. The tactics used should be determined by
the immediate needs and available resources of the department. However, implementing even one of
these strategies is a step in the right direction for the industry.
About the Author
Rene Kolga, CISSP, serves as Nyotron’s VP of Product Strategy and Head
of Product Management. Prior to working at Nyotron, Rene was Head of
Product at ThinAir. Rene also spent eight years at Symantec where he
managed multiple enterprise security product lines in the areas of encryption
and endpoint security. Additionally, Rene led dozens of endpoint
management, backup and business intelligence product teams at SolarCity,
Citrix and Altiris. Earlier in his career, Rene ran Customer Support and QA
teams. Rene earned his Computer Science degree from Tallinn University
of Technology. He also received an MBA from University of Utah.
Building Your Cyber Talent Pool Early In 2020
Start early to win the war on talent
By Karl Sharman, Vice-President, BeecherMadden
As we near the end of the first quarter in 2020, you should have a strong idea of what you can hire or
what you must hire during the year.
The next step is to understand the following:
- Budget
- Skill Location
- Availability
Firstly, budgets need to be secure and at the correct range to attract the best candidates possible. Budget is
linked to skill location and candidate availability in that market; however, with no intention of budget it will
be hard to attract the right candidate, and it may cause an awkward conversation when you do find the right
candidate. We have our own salary report, which is personalized to our clients to support their
understanding in this subject; every report includes competitor analysis as well as candidate
requirements in the market, which helps companies bypass the challenges around asking salaries.
Secondly, the locations you choose are only as good as the skilled professionals there. I have recently
been seeing more intelligent approaches to working, such as remote working, partnering with universities or
picking up the workforce when a company departs a location. This is another reason to do competitive
analysis: for example, with the majority of companies heading to India for their talent, is it a sensible decision
to set up your team there? It may seem cheap, but it isn’t long term if your employee leaves every 3
months, which will cause an increase in cost and increase the organization’s risk. Recently,
BeecherMadden has done 19 company reports analyzing countries such as Poland, Romania, Lithuania,
Singapore, North America, UK, Switzerland and Spain to name a few.
Third, availability is crucial. Many companies will invest a lot of money into a market, especially from a
standing start position, and to get this part wrong could be damaging for you and the company, especially
as risk can increase dramatically. Availability should be defined as having 10 times the number of
candidates with the correct skills and experience you need within that location. Employee turnover is
increasing in many markets and seems to be an accepted way of working as candidates have a lot of
choice.
In cybersecurity it is a candidate-led market, so you have to be ready to compete. Building your pipeline
continuously and early will allow you to move faster compared to your competition. The lack of urgency
or long hiring processes can damage how attractive the opportunity is for the candidate. For this to be
successful, you must do your research and planning, continuously build your talent pool and hire quickly
and efficiently. This will increase the candidate experience which is the only way to win the war against
talent in cybersecurity.
About the Author
Karl Sharman is a Cyber Security specialist recruiter & talent
advisor leading the US operations for BeecherMadden. After
graduating from University, he was a lead recruiter of talent for
football clubs including Crystal Palace, AFC Wimbledon &
Southampton FC. In his time, he produced and supported over £1
million worth of talent for football clubs before moving into Cyber
Security in 2017. In the cyber security industry, Karl has become
a contributor, writer and a podcast host alongside his full-time
recruitment focus. Karl can be reached online
at karl.sharman@beechermadden.com, on LinkedIn and at our
company website http://www.beechermadden.com
The Importance of Cybersecurity Education in The Workplace
By Aman Johal, Lawyer and Director of Your Lawyers
In the last few years, we have seen unprecedented levels of data breach activity, with cybersecurity
attacks compromising the personal data of hundreds of millions of people globally.
Modern technology provides businesses with a revolutionary and sophisticated infrastructure for data
access and sharing. However, with this increase in accessible data comes the need for increased
responsibility, and the key priority for businesses should be to properly protect the personal information
they hold.
Why cybersecurity training must be a priority for businesses in 2020
Employees must be sufficiently educated and upskilled in the area of data protection, including
understanding how best to avoid errors that can lead to a data breach, and what to do in the event of a
cybersecurity attack. The importance of educating staff must never be underestimated – if they are not
provided with adequate training on how to protect data and avoid leaks, they are liable to end up causing
one themselves.
In 2019, US home-security camera provider Wyze Labs suffered a data breach, where camera
information, Wi-Fi network details and email addresses of 2.4 million customers were exposed. The
breach, which lasted a staggering 23 days, was caused by an employee’s mistake. Equifax is another
data breach that was caused by human error and was entirely preventable; another example of a clear
lack of awareness of even the most elementary security procedures.
Research has shown cybercrime costs UK businesses an estimated £21 billion per year, while also
finding that email security and employee training are listed as the biggest issues faced by IT security
professionals. Upskilling employees through cybersecurity training may appear to cost a significant
amount of resources in the short term but it is likely to pay dividends in the long run. Businesses must
implement strategies and recruit skilled personnel to ensure the entire company is adhering to data
protection regulations. The introduction of the GDPR not only makes their duties more stringent, but it
also gives the public greater awareness and clarity as to how their data should be securely stored and
treated.
The risks of a data breach and how to negate them
The legal and financial implications of breaching data privacy laws can be cataclysmic. If a business is
found to be in breach of the GDPR regulations, it could be liable for compensation claims and regulatory
fines. Competition across a range of markets could be shaped by such breaches – the 2018 BA scandal
could see an estimated combined pay-out figure of £3bn, and a provisional intention to fine the sum of
£183m has been issued by the ICO. Those who are subject to financial and reputational damage that
arises as a result of poor data protection practices and a lack of staff training could lose market share
and even run the risk of going out of business.
If a business experiences a data breach, it needs to consider the severity of the incident and whether it
will have a significant impact on those affected. If there’s a big enough risk and impact, the offence must
be reported to the ICO, who then has the power to prosecute for breaches of the law. ICO investigations
can even lead to staff losing their jobs and facing serious criminal charges for deliberate or reckless
breaches, and the impact of such breaches can also be felt by the employer.
The impact of the misuse or exposure of information for the victims can be life-changing, and it is
important that people’s rights are clearly understood. If impacted by a data breach, the victim may be
able to claim compensation for any emotional distress caused, as well as for any financial losses incurred
too. However, the recent Google ruling means that there’s now the ability to claim purely for being the
victim of a data breach.
Moving forward, businesses must do all they can to protect the personal data they hold, and this starts
with ensuring that their staff are sufficiently trained in data protection and cybersecurity. The increasing
reliance on cloud technology and accessible data means there are even more vulnerabilities to
cybersecurity attacks. When employees feel confident through training and are completely aware of the
risks, they’ll be less likely to make the kind of mistakes responsible for the Wyze Labs and Equifax
breaches.
About the Author
Aman Johal, Lawyer and Director of Your Lawyers.
Aman founded consumer action law firm Your
Lawyers in 2006, and over the last decade he has
grown Your Lawyers into a highly profitable litigation
firm.
Your Lawyers is a firm which is determined to fight on
behalf of Claimants and to pursue cases until the best possible outcomes are reached. They have been
appointed Steering Committee positions by the High Court of Justice against big corporations like British
Airways - the first GDPR GLO - as well as the Volkswagen diesel emissions scandal, which is set to be
the biggest consumer action ever seen in England and Wales.
Aman has also successfully recovered millions of pounds for a number of complex personal injury
and clinical negligence claims through to settlement, including over £1.2m in damages for claimants in
the PIP Breast Implant scandal. Aman has also been at the forefront of the new and developing area of
law of compensation claims for breaches of the Data Protection Act, including the 56 Dean Street Clinic
data leak and the Ticketmaster breach.
Be Wary of Cybercriminals This Valentine’s Day
Cybercriminals See Red
By Claire Umeda, Vice President of Marketing, 4iQ
Valentine’s Day is here, and as many of us make plans with our better halves, many others will
increasingly turn to dating sites or dating apps in search of love. These services regularly report spikes
in usage near Valentine’s Day – Tinder alone saw a 20 percent surge on February 14, 2017. The nature
of these sites and apps necessitates that users input basic background information – age, location, likes
and dislikes, etc. It is for this very reason that dating services are often treasure troves of personal data.
In other words, if no one else finds you attractive this Valentine’s Day, just know that a cybercriminal
surely will.
Hacking in the dating world has become increasingly common. 2015 saw the infamous Ashley Madison
data breach, two years ago Grindr was revealed to have exposed millions of users’ data, and last year
OkCupid ran into trouble. And don’t expect it to end there – according to a WhiteHat security report, 85
percent of mobile apps contain cybersecurity flaws in data storage, communication, or authentication
practices (and after all, everything is mobile these days). Many of these services even lack basic
two-factor authentication, which is one of the simplest measures a company can take to help prevent such
breaches.
Cyberattacks have undergone a remarkable evolution over the years. In the past, they were most
commonly associated with direct attacks on an individual’s personal computer – viruses copying files,
locking you out of your account, or spamming the user with window popups, etc. As malicious as those
were, they were rarely profitable. These days, the first thing people tend to think of is usually identity
fraud, which is still a serious threat. Many of these online dating services require payments, meaning
they might have credit card information. At the very least the services require passwords, which users
often reuse between their various online accounts, including financial ones.
That’s bad enough, but the trend with exploiting dating websites has grown much darker.
Ashley Madison, a dating site marketed to those already in a relationship looking to have affairs, was the
first large-scale hack of the new variety. The breach was not an exercise in financial fraud – they weren’t
trying to get to your bank account. Rather, the hacker’s mode of attack was not ‘finance,’ but ‘trust.’ By
threatening to publicize the identities of Ashley Madison users, the hackers were able to leverage the
data breach in at least two ways. First, they did irreparable damage to the Ashley Madison brand, which
the hackers castigated as being explicitly immoral. Second, they extorted certain users for monetary gain,
and were able to do so over a longer period of time as victims were less likely to go to the authorities
since that would have brought attention to the very extra-marital activities that they wanted to keep secret.
Grindr was previously in hot water as well, notably for failing to encrypt much of its store of users’ personal
data, including messages, location – and HIV status. What’s more, Grindr itself was found to have been
sharing this data with various analytics companies, compounding the possibility of such sensitive
information getting exfiltrated. Again, the threat is not that such information is financial in nature, but that
it concerns trust. Knowledge of users’ HIV status could be used, much like with the data from Ashley
Madison, for the purposes of harassment or extortion.
Last Valentine’s Day, it came to light that a number of OkCupid users had complained of account hacks.
As on most dating sites, the users on OkCupid are able to privately message each other, often for the
purposes of exchanging contact information and, ideally, meeting up in the real world. This offers a
convenient avenue for hackers to gain access to phone numbers and even street addresses. Once the
cybercriminals have such leads, they can engage in targeted harassment, with the ultimate goal of
extorting money.
Fortunately, there are some steps you can take to safeguard your personal information while on the quest
for love. First, avoid providing too much personal information. If you want to establish contact with
someone outside of the dating app, it’s better to give them something like your WhatsApp name rather
than your cell phone number. Also, make sure to use unique, strong passwords. Alarmingly, 79 percent
of passwords are weak or reused, and around 75 percent of individuals do not change their passwords
unless the service they’re using either suggests it or forces them to do so. Finally, the Better Business
Bureau has published a list of potential dating scams with tips on how to spot and avoid them – take a
look to help keep yourself safe this Valentine’s Day.
Lately, more and more people are finding love online. But finding a date shouldn’t come at the expense
of getting hacked or scammed. Enjoy yourself this Valentine’s Day, but remember, (digital) protection is
important.
About the Author
As VP of Marketing at 4iQ, Claire Umeda leads go-to-market
strategies, product marketing, sales enablement and brand
management. She is also the lead editor of the 4iQ Identity Breach
Report.
Prior to joining 4iQ, Claire held senior and executive marketing
and product positions for startups in the security, communications,
data management and social gaming spaces. Companies include
API.AI (now Dialogflow), seeing the company through acquisition by
Google, Aerospike, AlienVault (now AT&T), Rivet Games, FooMojo,
Inc., and enCommerce, Inc. (now Entrust Technologies).
Claire's greatest strengths are her curiosity, creativity and tenacity.
She thrives on challenges to align marketing initiatives with company goals, emerging trends, customer
desires and technical realities. As a full-stack marketer, Claire enjoys building a marketing team and
infrastructure from the ground up, and scaling it into an efficient and effective lean and powerful machine.
Claire holds a bachelor's degree in Journalism from San Jose State University with a minor in theater
arts and is a SCRUM certified product owner. She lives in Silicon Valley with her loving partner and
daughter where she races at a snail's pace to get to where she needs to be. She is also a first degree
black belt in WuShu, a Chinese martial art.
The Benefits And Risks Of Modernizing Voting
Technology
By Jenna Tsui, Freelance Writer
The 2016 elections showed us what we’ve always known. Our voting system and election process can
be and is vulnerable, not just to foreign interference but also to more direct tampering. It’s something to
consider as the voting system is revamped to include more modern and digital solutions.
There are many benefits to implementing digital voting technologies, but there is also a tradeoff, as it
opens up the entire system to more risk. How secure is a digital polling platform? Are the benefits worth
the security and tampering risks?
Why Electronic Voting?
Before discussing new technologies and what the future might be like, it’s vital to get the lay of the land.
Why does it matter if we use paper ballots as opposed to digital solutions? Why even upgrade the system
if it works?
The reality is that the current voting system is incredibly burdensome. Many believe it’s why the United
States is far behind other developed countries regarding voter turnout.
In the 2016 elections, 56% of the U.S. voting-age population cast ballots. That number was a slight
increase over the 2012 elections, yet it was lower than 2008’s record year.
If you look at the inverse of that number, however, it’s quite alarming. An incredible 44% of the U.S.
population did not participate in the 2016 elections.
While there are many reasons why people don’t vote, one of the more prominent issues is that the entire
process is much too involved. While voting is active, participants must visit a designated location, often
at an inconvenient place and at odd hours. Depending on where the voting center is, there are usually
long lines. It can make for a particularly unpleasant experience.
The percentage of participants has been so low that it might be time we upgrade the entire process for
good.
The Future of Voting Technology
Imagine voting for the next President on your phone, in the comfort of your own house. You never have
to leave, you don’t have to wait in long lines, and you don’t even have to socialize.
That could very well be the future of voting. Or, at the least, just one of many, modern ways to participate
in elections.
A startup called Voatz already has an app that will allow users to participate in official elections via their
mobile devices. It verifies the identity of voters with the help of biometrics, which involves scanning a
fingerprint or using facial recognition. The technology has already been used in 54 elections across the
country, including in West Virginia, Utah and Denver.
Mobile voting isn’t just about convenience for the people back home, however. It will also allow active
overseas military the chance to participate in the upcoming elections.
Beyond mobile voting, the kiosks at voting centers may also see an upgrade to digital form. Electronic
poll books and electronic voting hardware would significantly improve traditional operations.
Part of what takes so long during voting is that participants have to collect their ballots, go to a kiosk and
mark their votes, and then drop their ballots off at the appropriate area or counter. With modern voting
technology, all of that is handled digitally. Voters are served a blank ballot immediately upon interacting
with a kiosk. Then, when they’ve finished voting, the digital ballot is either sent or synced to the necessary
server.
In either scenario — mobile voting and digital kiosks — the waiting times are cut significantly at official
voting centers. It’s also likely that many more people would participate because not as much effort is
required to vote. Just open a mobile app, mark your choices and send it off.
Counting votes digitally is much faster, for obvious reasons. It also allows for a more accurate real-time
reporting opportunity for voting stats. You can see up-to-the-minute numbers as the votes come pouring
in. No waiting around for ballots to be tallied up, and no missing or lost ballots, which also means recounts
are unnecessary.
What Are the Risks?
The problem with going digital, and bringing the voting system online — which is necessary for mobile
voting solutions — is that it opens up the entire system to cyber-attacks. Cybersecurity is a major concern
in just about every industry today, and it has everything to do with the adoption of new technologies.
Could a mobile voting system be hacked? Are mobile devices and smartphones even secure enough to
be used as voting access points?
Imagine, for a moment, it’s election time and you have the mobile voting app installed on your device.
You’ve already registered to vote, everything is set up and you’re merely waiting for the polls to go active.
Just before you get the chance, you misplace your phone, leaving it at a local bar or perhaps even
forgetting it at a restaurant. Someone else could pick up your phone and access everything on it, including
the voting app. Is it possible to prevent such a thing from happening?
With the Voatz mobile app, the solution is to utilize biometrics to prevent unauthorized access. That means
someone who either steals or finds your phone cannot merely log in and cast a vote. It’s an excellent
start, but what about the phone and digital content itself? How secure is a smartphone?
The NotCompatible virus infects over 10,000 cell phones per day in the United States. It’s a malicious
hack that allows someone to seize control of the infected phone and remotely operate it. Symantec traced
one of the hackers that utilized the virus and found they had taken control of over 200,000 cell phones,
earning a profit of $1 million a year. The hacker achieved this by subjecting the infected devices to ads
and paid videos.
It shows that hackers can not only take control of mobile devices but also use them to turn a profit or
accomplish a particular goal. Looking at voting solutions explicitly, hackers could absolutely seize control
of the hardware and influence the results. They could do the same with on-site electronic voting tools and
hardware, too.
It all comes down to information security, and whether or not the solutions can be adequately locked
down. No system or computer is unhackable. However, it’s entirely possible to slow down the process
and eliminate most events with the right security measures. By using data encryption, for example, data
can be securely transmitted even via wireless networks.
It just means that as we upgrade our voting technologies, we must take precautions to protect not only
the hardware but any related data, as well.
About the Author
Jenna Tsui is a cybersecurity and technology writer.
Previously, her works have been featured on MakeTechEasier,
Technology Networks, and TechnoFAQ. To see more by
Jenna, visit her blog The Byte Beat or follow her on Twitter.
My name is Jenna and I’m a freelance writer for various
publications. I manage The Byte Beat with my colleague, Caleb,
where we create technology content for people interested in
news about technology.
Jenna can be reached online at https://twitter.com/jenna_tsui and at http://thebytebeat.com/
Why Zero Trust Isn’t So Trustworthy
By Benny Lakunishok, CEO and co-founder of Zero Networks
Everyone agrees a zero trust network model is the optimal way to protect your network. But can you
really reach that goal of having every single network connection in your organization go through that
zero trust network model? If so, at what cost and effort?
While we all want to lock down the network and implement zero trust, to date, it has been impractical to
accomplish. Current implementations have forced you to make tradeoffs between airtight security,
affordability and scalability. You can have one, maybe two, but not all three.
For example, you can restrict access for each and every user and machine to achieve airtight security,
but this requires either committing significant time and resources to deploy, manage and maintain, which
is not affordable, or reducing the scope of that enforcement, by focusing on implementing zero trust for
only specific, critical sections of the network or resources.
If you want to minimize the amount of time and effort you have to spend to keep complicated router ACLs,
firewall rules or other network access controls up to date for your entire network, you have to be okay
with less granular, more lenient security. Either way, you have to give up something, which means you
are not getting a zero trust model at scale that you can really trust.
Requirements for a Sustainable Zero Trust Networking Model
What’s needed is a way to automate the deployment, management and maintenance of network access
policies, so there is no need for constant IT intervention. Consider an organization with 10 sites, 25,000
clients and 2,000 servers. If they want to achieve a zero trust stance they need to restrict access for each
and every one of these clients and servers. The process of manually creating network access policies,
tailor-made for the needs of each and every user and device, simply doesn’t scale – the process needs
to be automated. What’s required is an easy, automated self-service way for every user and machine in
your network to get only the access they need, nothing more.
Enter Zero Networks – Enabling Airtight, Affordable Zero Trust at Scale
We built the Zero Networks Access Orchestrator to deliver the speed and ease of use you require to
make an airtight zero trust stance achievable at scale. Our goal is to ensure all users and machines within
the network are only allowed to access the resources they require to do their job, with the click of a button.
How do we do it? The Zero Networks Access Orchestrator integrates with your existing IT, networking
and cybersecurity infrastructure to observe and create an accurate map of all the communications within
your network. After enough data has been gathered, the Access Orchestrator uses a patent-pending
method to automatically create user- and machine- level perimeter policies that use your existing
infrastructure to confine access to only what they need. There are no agents for IT to deploy or manage,
no policies to continuously update.
When a user needs access to new resources or assets they will only need on rare occasions, they can
get it, using a standard two-factor authentication process that confirms their request is legitimate. The
Zero Networks Access Orchestrator will then automatically incorporate the additional access requirement
into the policies for that user or machine to ensure they can securely go about their business.
In addition, the Zero Networks Access Orchestrator makes sure that if a user or machine stops using a
given resource their permission to access that resource will be revoked after a configurable amount of
time. There is no need for IT intervention. Zero Networks does it all for you.
Prior to deployment, Zero Networks presents live simulations that give you an accurate readout of the
effect the new zero trust network model will have on each user and machine in your network. This ensures
you know exactly what will be implemented, so there are no disruptions.
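The workflow described above (learn from observed traffic, dry-run the resulting policy, add access on a confirmed request, revoke what goes unused) can be sketched generically. This is an added illustration, not Zero Networks' patent-pending method or code; the flow records, host names and function names are constructed assumptions.

```python
from collections import defaultdict
from typing import NamedTuple


class Flow(NamedTuple):
    day: int    # day number on which the connection was observed
    src: str    # client or server that opened the connection
    dst: str    # resource it connected to
    port: int


# Constructed sample of observed connections (days 1-7 are the learning window)
FLOWS = [
    Flow(1, "ws-014", "fileserver", 445),
    Flow(2, "ws-014", "fileserver", 445),
    Flow(3, "ws-014", "intranet", 443),
    Flow(5, "ws-022", "intranet", 443),
    Flow(9, "ws-014", "fileserver", 445),
    Flow(10, "ws-014", "dc-01", 3389),      # never seen during learning
    Flow(12, "ws-022", "payroll-db", 1433),  # rare but legitimate need
]


def learn_policy(flows, learn_until):
    """Build {src: {(dst, port): last_use_day}} from flows seen up to learn_until."""
    policy = defaultdict(dict)
    for f in flows:
        if f.day <= learn_until:
            rule = (f.dst, f.port)
            policy[f.src][rule] = max(f.day, policy[f.src].get(rule, f.day))
    return policy


def simulate(policy, flows):
    """Dry run: list the flows the policy would block, without enforcing anything."""
    return [f for f in flows if (f.dst, f.port) not in policy.get(f.src, {})]


def check(policy, flow):
    """Enforcement decision for one flow; allowed traffic refreshes the last-use day."""
    rules = policy.get(flow.src, {})
    rule = (flow.dst, flow.port)
    if rule not in rules:
        return False
    rules[rule] = max(rules[rule], flow.day)
    return True


def approve(policy, flow):
    """Add a rule once the request has been confirmed out of band (e.g. two-factor)."""
    policy.setdefault(flow.src, {})[(flow.dst, flow.port)] = flow.day


def expire_idle(policy, today, idle_days):
    """Revoke rules not used for more than idle_days; return what was removed."""
    removed = []
    for src, rules in policy.items():
        for rule, last_use in list(rules.items()):
            if today - last_use > idle_days:
                del rules[rule]
                removed.append((src, rule[0], rule[1]))
    return removed


if __name__ == "__main__":
    policy = learn_policy(FLOWS, learn_until=7)
    later = [f for f in FLOWS if f.day > 7]
    print("would be blocked:", simulate(policy, later))
    for f in later:
        print(f, "allowed" if check(policy, f) else "blocked")
    approve(policy, later[2])  # payroll access confirmed by the user
    print("revoked as idle:", expire_idle(policy, today=36, idle_days=30))
```

The dry run is what surfaces both kinds of surprises before enforcement: the unexpected RDP connection that should stay blocked, and the rare payroll access that needs an approval path.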
Malicious entities, on the other hand, will be prevented from moving freely inside the network. Zero
Networks shuts down many of the internal attack vectors that plague organizations, such as network
discovery, lateral movement, remote execution, commodity malware propagation, and ransomware
propagation. Even if an attacker obtains credentials from the most privileged accounts, such as those of
an administrator, they will be contained to only a limited set of resources.
As a result, you finally have a way to quickly and efficiently establish and maintain an airtight zero trust
network model at scale. For more information or a demo, please visit www.zeronetworks.com.
About the Author
Benny Lakunishok is the co-founder and CEO of Zero Networks,
which is making an airtight zero trust model at scale a reality for
enterprise networks. Lakunishok has been in cybersecurity for more
than a decade. He was part of the leadership team of Aorato, which
was a hybrid cloud security company, acquired by Microsoft. He
went on to lead the product team in Microsoft responsible for the
Aorato technology, as well as the team that integrated Microsoft’s
acquisition of Hexadite into the portfolio. Prior to Aorato, he was a
senior premier field engineer for Microsoft and in the security team of an elite intelligence unit within the
Israeli Defense Forces. He holds a BS in computer science from the College of Management Academic
Studies in Israel.
Mastering Automation to Solve Data Security for
Healthcare Practices
If the Biggest Organizations Can’t Keep Our Data Safe, Then How Can a Small One?
By Anne Genge, CEO, Alexio Corporation
One of the greatest challenges of the 21st century is cyber-security. Billions of personal records are
already being sold on the dark web. Breach fatigue has already set in, at a time when it’s more crucial
than ever for every citizen of the world to be paying attention.
While people in general are indeed worried about having a breach, they are generally more interested in
the security of their money than their information. Personal health information is
some of the most sensitive information about an individual, and yet it’s some of the least protected. In addition,
it’s not like a credit card that can simply be replaced. Once your secrets are out there, there’s no ‘pull
back’.
Big Organization May Equal Big Budget, But That Doesn’t Equal Secure Data
Hospitals and large organizations with big budgets, CISOs, and cyber teams still can’t keep personal
health information safe, so what does that look like at, say, a dentist’s office? Healthcare practices such
as dentists, physicians, and other ‘fee for service’ type clinics have a legal duty to protect health data the
same as larger organizations, but they can’t. They don't have access to the same kinds of resources.
Additionally, they score very low on security awareness.
It’s not surprising, then, that when we do security risk assessments, these practices score very low; only
9% pass minimum requirements. Some healthcare providers have under-skilled IT support, some are
simply paralyzed, and others don’t understand the ROI.
Automation Facilitates Efficiency, Better Protection, & Reduces Costs
“We are all patients somewhere and we all deserve to have our sensitive personal health information kept
private. This is a basic human right. A healthcare organization cannot simply ignore this because they
can’t find the budget. This needs fixing, and we’re doing it.” Anne Genge, CEO, Alexio Corporation.
A solution was needed to fill this massive void. From inside VentureLab at IBM Canada emerged Alexio.
Alexio started leveraging automation in every corner of its operations to solve the problem of cybersecurity
in healthcare practices. Today, healthcare practices across Canada benefit from world-class
cyber-security and training in a subscription-based model affordable to any size practice. Even healthcare
practices with just one computer can protect their patient data with the same rigor as a bank.
About the Author
Anne Genge is the CEO and co-founder of Alexio Corporation.
She and her team of certified privacy and security professionals
help dentists, physicians, and other healthcare providers to
secure their data & systems, comply with privacy laws &
regulatory college mandates. She is a firm believer that good
training in cyber-security is the key to protecting not just her family
and clients, but also government bodies and major corporations.
To this end, she has partnered with many organizations, including
the Canadian Dental Association, to produce training in order to
reduce the frequency of human error resulting in a security
breach.
Anne can be reached online at anne@getalexio.com and at our company
website https://getalexio.com
DevOps ― Are You Risking Security for Agility?
By Morey Haber, CTO & CISO, BeyondTrust
By merging software development and IT operations ― two traditionally mutually exclusive functions ―
DevOps has fundamentally transformed how today’s organizations develop, operate and maintain
applications across their environment. It is easy to see the allure of DevOps ― through rapid iteration
and automating processes at scale, DevOps teams can bring high-value applications to the organization,
giving them the agility that is a critical success factor in today’s fast paced world.
But in their haste to adopt DevOps, several organizations gloss over the security challenges that this
methodology of application delivery introduces. As a consequence, DevOps practices often widen the
attack surface and increase the enterprise’s risk of data exposure. So why is it so challenging then, for
IT teams to secure DevOps environments? What makes DevOps security different from more traditional
IT security?
Prioritizing speed over security
Speed and agility lie at the core of DevOps ― DevOps teams work incredibly fast to deliver applications
in line with compressed, and often unrealistic, timelines. These teams thrive in an environment of ad-hoc
tooling with an emphasis on intense code sharing and automation at every step. While these practices
do allow teams to deliver business-critical applications quickly, they do also create a plethora of security
shortcuts. It is a real challenge for security teams to integrate traditional security into the DevOps pipeline
as traditional tools force developers to change the way they work and slow down their pipeline, resulting
in low tool adoption.
Excessive use of privileges
To expedite the process of delivering code, DevOps teams often circumvent or even override critical
security safeguards. For example, humans and machines within DevOps environments are afforded
much higher levels of privilege compared to traditional development and operations environments. It's
not unusual — and one might argue, it is even standard practice — for developers to share private keys
and credentials with colleagues for quick access. This negligence vastly expands the attack surface ―
primarily in the form of insider threats, whether malicious or accidental ― while also complicating the
process of creating clean audit trails.
Within applications, developers may hardcode passwords so they can easily be found locally or on
repositories such as GitHub, Bitbucket, and others. Some of the other widely used practices for storing
credentials include config files and Excel spreadsheets, both of which are highly insecure. These risky
practices have significantly increased secrets sprawl in the enterprise, creating dangerous backdoors for
savvy hackers, and once again, expanding the attack surface.
Cultural challenges
Don’t get me wrong. My intent is not to dissuade organizations from adopting DevOps ― there's hardly
anything wrong with this highly collaborative, iterative, and open approach to coding. In fact, given its
high yield of valuable applications and features, I would argue that it's certainly a culture that organizations
should foster.
But as the "shift left" practice, at the core of the DevOps philosophy, moves security to be considered
earlier in the process, it's painfully evident that traditional security tools are not capable of securing these
DevOps environments. Developers need solutions that adapt to their workflows and highly collaborative
environments. Lightweight applications that leverage code to deliver robust security, using
developer-preferred UIs such as CLI and APIs, will see more successful adoption as compared to traditional
security-minded GUIs.
So, given that most organizations are ramping up investment in DevOps, how can they mitigate these
challenges?
Establish strict controls
As organizations accelerate the adoption of DevOps, enterprise security requirements must evolve to
ensure they cover all environments, including DevOps. The new requirements should mandate the
creation of a centralized repository for management of credentials and secrets (more on that later) and
control user ability to share credentials. They should also completely eliminate hardcoded credentials
and passwords from scripts and prevent the storage of secrets or passwords in config files, Excel
spreadsheets or other repositories not explicitly built for security.
Centralize secret management
As I touched on earlier, it is imperative for security teams to implement a centralized system for secrets
management that will serve as an intermediary between the user ― be it a human or machine ― and the
application, process, or tool they want to access. Use the centralized system to store all secrets used by
DevOps practitioners, tools, and applications in a password safe and provide enforcement for access,
credential complexity, and other basic tenets of privileged access management.
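One way to enforce the two controls above in a pipeline is a check that fails the build on hardcoded credentials while accepting values that only reference a secret held in the central store. The scanner below is an added example, not BeyondTrust code; the file contents, rule names and keyword list are constructed assumptions.

```python
import math
import re
from collections import Counter
from typing import NamedTuple


class Finding(NamedTuple):
    path: str
    line_no: int
    rule: str
    name: str  # key name or rule detail; the secret value itself is never reported


KEYWORDS = r"(?:password|passwd|pwd|secret|token|api[_-]?key)"
# key = value or "key": "value", where the key name suggests a credential
ASSIGN_RE = re.compile(
    r"([A-Za-z0-9_.-]*" + KEYWORDS + r"[A-Za-z0-9_.-]*)[\"']?\s*[:=]\s*"
    r"(?:\"([^\"]*)\"|'([^']*)'|([^\s#;,]+))",
    re.IGNORECASE,
)
PRIVATE_KEY_RE = re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----")
QUOTED_RE = re.compile(r"[\"']([A-Za-z0-9+/=_-]{20,})[\"']")
# Values that point at a secret held elsewhere instead of containing it
REFERENCE_PREFIXES = ("$", "{{", "os.environ", "os.getenv")


def shannon_entropy(s):
    """Bits per character; random keys score high, words and paths score low."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def is_reference(value):
    return value == "" or value.startswith(REFERENCE_PREFIXES)


def scan_text(path, text, min_entropy=4.0):
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if PRIVATE_KEY_RE.search(line):
            findings.append(Finding(path, line_no, "private-key", "PEM header"))
            continue
        flagged = []
        for m in ASSIGN_RE.finditer(line):
            value = next((g for g in m.groups()[1:] if g is not None), "")
            if not is_reference(value):
                findings.append(Finding(path, line_no, "hardcoded-credential", m.group(1)))
                flagged.append(value)
        # Catch random-looking literals stored under an innocuous key name
        for m in QUOTED_RE.finditer(line):
            if m.group(1) not in flagged and shannon_entropy(m.group(1)) >= min_entropy:
                findings.append(Finding(path, line_no, "high-entropy-string", "quoted literal"))
    return findings


def scan_tree(files):
    """files maps path -> text; a real run would read these from a checkout."""
    return [f for path, text in files.items() for f in scan_text(path, text)]


# Constructed sample files: three risky ones and one that reads from the environment,
# which a central secrets manager is assumed to populate at deploy time.
SAMPLES = {
    "deploy.sh": "#!/bin/sh\nDB_PASSWORD=Spring2020!\n./migrate --user deploy\n",
    "settings.json": (
        '{\n  "db_user": "app",\n  "db_password": "hunter2hunter2",\n'
        '  "signing_material": "q7Zp2LxV9mRt4KcW8yHn3BdF6sJgA5uE"\n}\n'
    ),
    "ci/key.pem": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "(constructed placeholder, no key material)\n"
        "-----END RSA PRIVATE KEY-----\n"
    ),
    "app.py": 'import os\nDB_PASSWORD = os.environ["DB_PASSWORD"]\n',
}

if __name__ == "__main__":
    for finding in scan_tree(SAMPLES):
        print(f"{finding.path}:{finding.line_no}: {finding.rule} ({finding.name})")
```

Keyword and entropy rules produce false positives on real repositories, so a check like this is normally paired with a reviewed allowlist rather than silenced.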
Support adoption and agility
Automation is key to DevOps teams’ ability to accelerate application delivery and minimize pipeline
delays. Their agile workflows may be impeded by traditional security tools that work counter to their
practices. So to ensure robust security, without compromising developers’ efficiency, organizations must
adopt security solutions that leverage automation. Providing out-of-the-box integrations with common
DevOps tools — Puppet, Jenkins, Ansible, Chef, Docker, Git, etc. — that can be managed through the
developers' preferred interfaces, will guarantee higher adoption rates and enable greater agility in the
DevOps process.
DevOps is no longer a buzzword — faced with the pressure of staying one step ahead of the competition
and delivering unmatched experiences, organizations across the globe are making DevOps a central part
of their IT strategies. However, unmanaged credentials and secrets sprawled across DevOps
environments increase the number of attack vectors, creating easy targets for bad actors. Against this
backdrop, what organizations need is a centralized administration solution — one that can address the
requirements of complex enterprise environments but is also easy to adopt by DevOps teams.
About the Author
With more than 20 years of IT industry experience and author
of Privileged Attack Vectors and Asset Attack Vectors, Mr.
Haber joined BeyondTrust in 2012 as a part of the eEye Digital
Security acquisition. He currently oversees the vision for
BeyondTrust technology encompassing privileged access
management, remote access, and vulnerability management
solutions, and BeyondTrust’s own internal information security
strategies. In 2004, Mr. Haber joined eEye as the Director of
Security Engineering and was responsible for strategic
business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye,
he was a Development Manager for Computer Associates, Inc. (CA), responsible for new product beta
cycles and named customer accounts. Mr. Haber began his career as a Reliability and Maintainability
Engineer for a government contractor building flight and training simulators. He earned a Bachelors of
Science in Electrical Engineering from the State University of New York at Stony Brook.
Juggling Your Clouds
Managing the Federal Government’s Multi-Cloud Future
By Cameron Chehreh, Chief Technology Officer, Dell Technologies Federal
Driven by the recent Cloud Smart initiative, federal agencies are prioritizing cloud and on track to spend
$7.1 billion on the cloud in fiscal 2020. To better meet varying mission needs, agencies are adopting
multi-cloud approaches that include a combination of clouds hosted on premises, in public clouds and at
the edge.
However, integrating public, private and edge solutions can seem like an impossible task—it’s one of the
greatest IT challenges facing federal agencies. A recent study, “Juggling the Clouds: What Are Agencies
Learning?” found three out of four federal IT decision makers say managing a multi-cloud environment
will be one of their agency’s top challenges over the next five years. So how do we succeed?
Multi-Cloud is Here
The first step to successful multi-cloud adoption is for federal agencies to accept the model as the new
normal.
According to the report, the vast majority of federal IT decision makers (81%) say their agency already
uses multiple cloud platforms. Still, agencies do not feel prepared to manage their current environments,
largely because of added organizational complexity and silos, disparate M&O tools and inconsistent
SLAs.
Nearly half of the respondents agree their agency is not adequately preparing for their multi-cloud future.
While some federal agencies are taking steps to prepare as they train their IT workforce for multi-cloud,
implement access controls and establish a multi-cloud leadership team, there’s more work to be done.
Hitting Roadblocks
What is causing federal IT managers' multi-cloud anxieties? Security concerns top the list at 41%, followed
by data governance (38%) and interoperability issues (35%). As agencies begin their multi-cloud
journeys, there is often a lack of in-house expertise that can add risk of misconfigurations or other critical
errors. Further, as the cloud environment becomes larger, the attack surface can become even more
complex.
One way to address these concerns is to focus on consistency. Nearly all (89%) IT leaders say
consistency is critical to connecting teams and processes across cloud platforms, but today just one in
five rate the consistency of their multi-cloud environment’s operations and infrastructure as “very good.”
HCI Helps Bridge the Gap
As federal IT leaders consider the reality of their multi-cloud futures, many are looking for tools to help
simplify and secure modern environments. Specifically, federal agencies want better integration with
legacy infrastructures and advanced encryption/security features to further multi-cloud adoption. They
need consistent infrastructure and operations to ensure a seamless experience across all platforms.
Better integration is where hyper-converged infrastructure (HCI) – consolidated compute, network, and
storage in a software-defined solution – can help bridge the gap.
While few have invested in HCI today (just 28%), those who have are reaping the benefits. Specifically,
federal agencies mention improved backup and recovery capabilities (48%) and data sharing (45%).
Most importantly, agencies using HCI feel significantly better prepared for multi-cloud.
Team Mentality
The study suggests that federal agencies focus on training, proof of concept systems and stakeholder
communication for successful multi-cloud management. Federal IT leaders can mitigate risk and improve
interoperability through connective, adaptive technologies designed to create a consistent experience
across all cloud environments. With the help of HCI, agencies can create a modern, compound
infrastructure that’s both secure and easy to manage.
To learn more from other federal leaders managing multi-cloud, read the full report: Juggling the Clouds:
What Are Agencies Learning? It provides additional insight and recommendations on how to balance
multiple cloud solutions, putting your agency on the path to successful multi-cloud management.
About the Author
Cameron Chehreh is the Chief Technology Officer, Dell Technologies Federal.
Cameron can be reached online at Cameron.Chehreh@dell.com
and at our company website https://www.dellemc.com/enus/industry/federal/federal-government-it.htm
Time Is of The Essence
Combating False Alarms and Delayed Detection Is Key to Defeating Advanced Cyber Threats
By Filip Truta, Information Security Analyst, Bitdefender
Keeping your organization safe from cyber threats drains considerable resources if you don’t have the
correct strategy. Surveys analyzing cybersecurity at companies big and small often conclude that IT
departments are understaffed, budgets are tight, and that they lack the skills needed to combat advanced
threats. But, while these hurdles are very real, it actually boils down to the solutions your organization
invests in.
Faced with sophisticated threats like APTs, fileless attacks, polymorphic malware and malicious insiders,
your incident response team must be able to triage and investigate suspicious activities, responding
adequately and rapidly. Studies show that, the longer IT takes to detect a breach, the more expensive
the incident becomes.
Traditional endpoint security solutions have a poor track record in prevention, and they are noisy and
complex to operate effectively and efficiently. If your security operations center is forced to waste time
constantly triaging alerts – half of which are typically false alarms – real threats eventually slip through
the cracks, damaging your business and your reputation.
Time is of the essence
In a study by Bitdefender this year, 78 percent of infosec professionals said reaction time is the key
differentiator in mitigating cyber-attacks. Asked how long it would take them to detect an advanced attack
(i.e. one using a zero-day exploit), 28 percent of respondents said it would take a matter of days, 16
percent said weeks, and 9 percent admitted it might take them up to six months.
Security teams must not only identify the source of the attack, they must also be able to isolate it and
stop it from spreading. An organization often needs to conduct a forensic investigation after a breach to
meet regulatory requirements. So, how do we break down these barriers? More importantly, how do we
cover all these weak spots without blowing our entire IT budget on security?
The right people
Today’s incident response teams are challenged by a dearth of resources and skills, which hampers their
ability to address threats quickly.
Three in 10 organizations have no dedicated security operations center (SOC). Of these organizations,
81 percent said the biggest challenges created by the lack of an SOC are the ability to respond quickly,
remediate potential threats, and investigate suspicious activity quickly. Meanwhile, 41 percent of those
who lack a SOC find that reaction time and speed are the key differentiators for mitigating an attack.
Companies with minimal IT resources and limited security expertise should consider outsourcing their
endpoint detection and response. The Security Operations Center-as-a-Service (SOCaaS) model is a
managed threat-monitoring service staffed by an elite team of experts tasked with detecting intrusions
and responding to malicious activities that may otherwise go undetected. An outsourced SOC works with
you to accelerate detection, prioritization, and the response to threats.
The right tools
If we are to address every kind of threat – from malware to social engineering schemes to insider threats
– we not only need the right people for the job, but the right technology as well. Using their current security
tools, only 3 percent of IT professionals say they can efficiently detect and isolate every advanced attack
directed at them.
40 percent of infosec workers agree that network traffic analytics (NTA) is a powerful approach to
detecting cyber-threats early in the attack cycle. NTA augments your endpoint protection, detection and
response investments to give the IT department visibility into network-borne threats while also keeping
tabs on malware. An ideal NTA deployment uses semi-supervised machine learning methodology to
identify key patterns and trends in live data flows to spot anomalies that may point to a developing threat
with little need for human input.
Endpoint Detection and Response (EDR) is also instrumental in keeping cyber threats at bay. Advanced
detection and response solutions can show IT teams precisely how a threat works and its context in their
environment, produce up-to-the-minute insight into named threats and malware that may be involved,
and indicate steps to remediate or reduce the attack surface.
Decision makers prospecting vendors would be wise to also consider solutions that leverage rich threat
intelligence with contextual, real-time insights into the cyber-threat landscape, including unique and
evasive malware, advanced persistent threats, zero-day vulnerabilities, hard-to-catch command and
control (C&C) servers, reputation of files, URLs, domains and IPs. This living database delivers a
continuous flow of actionable intelligence, eliminating a long-standing blind spot for security analysts.
Regardless of infrastructure or business model, companies of all sizes have a plethora of options to
strengthen their cybersecurity posture. Using a layered approach, IT decision makers can fill any gap in
their cybersecurity strategy, optimize IT spend, and free their IT teams of endless false alarms and
headaches.
About the Author
Filip Truta is an Information Security Analyst at Bitdefender. He has
more than twelve years of experience in the technology industry
space such as gaming, software, hardware, and security. He likes
fishing (but not phishing), basketball, and playing around in FL
Studio.
Filip can be reached online at https://www.linkedin.com/in/filip-truta/
and at www.bitdefender.com
Drowning in A Sea of Threat Data? Consider A Curator
By Rodney Joffe, Senior Vice President, Senior Technologist and Fellow, Neustar
In the wake of increasing cybersecurity threats and data breaches, a whole host of network monitoring
and threat intelligence tools have emerged to provide organizations with information on potential
cybersecurity threats. However, many of these tools don’t effectively contextualize potential threats; they
simply produce vast quantities of raw or general data that must then be analyzed.
This creates huge inefficiencies, with security teams struggling to separate the important information from
the noise. Drowning in threat data and faced with a constant barrage of false positive alerts, cybersecurity
professionals are increasingly suffering from alert fatigue. In a survey of IT security professionals, the
Cloud Security Alliance found nearly 32% admitted to ignoring alerts because so many were false
positives. Additionally, more than 40% said the alerts they receive lacked actionable intelligence to
investigate.
Alert fatigue can not only lead to overlooking a genuine threat, but it can also lead to employee burnout.
This is a concern not just for the cybersecurity industry, which is already significantly understaffed, but
also for the employer, who loses the time invested in training that employee and bears the additional cost
of finding and training a replacement.
Reducing alert fatigue and boosting job satisfaction
A 2018 report from McAfee revealed that only 35% of respondents to a recent survey of global
cybersecurity professionals were “extremely satisfied” in their current job, and 89% would consider
leaving if offered the right incentives — and many of those “right” incentives related to workload: shorter
or more flexible hours and a lower or more predictable workload. In addition, the survey found that
security professionals tended to view threat hunting and resolving threats as the most rewarding part of
their job, while day-to-day monitoring and analysis of logs ranked near the bottom.
Considering the expanding threatscape and the serious shortage of qualified personnel to meet the
industry’s needs, companies can take steps to offload the busywork of analyzing data and reorient their
security teams to focus on more important tasks. A great way to alleviate these closely related problems
— data overload, alert fatigue and burnout — is to improve quality control on security data. Better threat
data allows security professionals to concentrate on high-value activities, making these individuals more
efficient and effective as well as boosting their job satisfaction.
Curated security threat data
To properly defend against cyberattacks and block potential threats, organizations need security threat
data that is timely, actionable, contextual to their industry and business— and that can provide the right
insight into what is happening on their networks. In short, enterprises need curated threat data.
Informed by a broad view of global networks, combined with behavioral analysis and pattern-based
research, a data curator can provide highly contextualized, hyper-relevant and actionable insights into
malicious activity via machine-readable threat data that can be ingested directly into an organization’s
existing analytics platforms. By removing the grunt work of data contextualization, a curator removes
much of the noise from the process, equipping network and application security tools with improved real-time
awareness of active threats and enabling security analysts to direct their time and attention to the
most relevant information.
Minimizing risks such as spam and phishing attempts, strengthening brand protection through monitoring
suspicious web traffic, and safeguarding against activities such as suspicious DNS tunneling attempts
can all be achieved with access to curated security data. Benefits include the ability to preventively block
threats at the network and application layer; improved monitoring and alerting of true positive detections,
reducing the time spent researching false positives; and limited dwell times of infiltrations, speeding up
detection and remediation.
Conclusion
Cybersecurity professionals are drowning in threat data, suffering from alert fatigue and burning out at
an unprecedented rate, even as the demand for their expertise continues to rise amid a growing skills
shortage. In turn, organizations don’t have the time, resources or manpower to monitor the entirety of the
threat ecosystem for potential security threats. In a threatscape in which malicious actors are constantly
shifting their strategies and attack vectors, enterprises must have a way to achieve data reduction without
losing fidelity. Rather than playing whack-a-mole by responding to false-positive alerts, enterprises must
maximize the efficiency and effectiveness of their security teams and enable them to counter the threats
that matter most right now. The key — and the future of threat intelligence — is curated, actionable threat
data.
About the Author
Rodney Joffe serves as a Neustar Senior Vice
President and is a Senior Technologist and Fellow. His
accomplishments include founding the first commercial
Internet hosting company, Genuity, as well as the first
outsourced and cloud-based Domain Name System
(DNS) company, UltraDNS, where he invented Anycast
Technology for DNS. Joffe has served on a number of the U.S. government’s cybersecurity intelligence
panels and was the leader of the groundbreaking Conficker Working Group. Joffe is also the chairman of
the Neustar International Security Council (NISC), which is comprised of an elite group of cybersecurity
leaders across industries and companies who meet regularly to discuss the latest cyberattack trends.
Analysing Data Using the Intelligence Cycle: An Overview
By Alan Blaney, Managing Director of Focus Training
When it comes to analysing different forms of
intelligence, using a detailed and coherent process is
crucial in order to determine the most accurate results
possible. The intelligence cycle is a step-by-step process
used by analysts to create intelligence and answer
specific intelligence requirements. The cycle consists of
collecting relevant information, analysing the information,
interpreting it, then providing an assessment and
recommendations. The aim of the cycle is to act
as a tool which informs the decisions and planning of
policy makers and commanders.
Phase One: Direction
The first phase of the cycle is ‘direction’. This initial phase is highly important as it gives the
intelligence a starting point and provides the potential ways in which you can resolve or deal with any
form of fraud or criminal activity, helping you to come up with a clear solution.
Things to consider:
Why? - Provide a clear background of the situation and why the intelligence is required.
When? - You need to establish when the intelligence is required by.
Importance - What level of urgency and importance does the situation hold? How much of a priority is
the intelligence?
How? - How is the intelligence to be provided? For example, oral briefing, written etc.
Phase Two: Collection
Once you have clearly identified the intelligence required in the ‘direction’ phase, and considered the
potential ways in which you can address the situation at hand, you then need to move on to the ‘collection’
phase. This stage of the cycle is focused on establishing the priorities and collecting the intelligence
required in order to achieve your desired outcome. Once you have set clear objectives in the direction
phase, you can then focus on how you plan to collect your data and sources to support you in achieving
the results needed.
Steps to focus on in the collection phase are:
• Research - The first step to take is to research into what data already exists that may be able to
assist with your investigation. This data must be readily available and come with minimal cost.
These are classed as your sources.
• Identify - After identifying what data already exists, you should then search for any gaps or
missing data.
• Formulate - Based on the data you have already collected so far, and depending on what else
you will require, you should then formulate a collection plan.
The first data you should search for is your ‘sources’ which are readily available pieces of data/information
that are free, quick and easy to access. If you are unable to formulate data from your sources, then you
need to utilise resources. What resources can you use to help you gather the evidence you require?
Bear in mind that resources are likely to cost money, unlike your ‘sources’. At this point, you should ask
yourself: what have you achieved with the knowledge and data you have so far? Provide a summary of
the information and see where the data can be corroborated. Try to steer clear of obvious sources when
looking for data as this information could easily be false. If you can’t corroborate the information, then
you need to use a different strategy.
The Triangulation of Intelligence Data
Another process to consider during the collection phase, when it comes to analysing your data and
sources is the triangulation of intelligence data.
1. Someone provides you with brief information such as their name, job role etc.
2. You can then go to the company’s registrations and verify that information. Where else can you get
data to support and verify that this information is true?
3. Follow this data footprint and search elsewhere to see if all of the information provided matches
up.
Phase Three: Evaluation
Once you have collected the relevant data in the second phase of the intelligence cycle, you then need
to obtain a measure of confidence in the data that you have collected. It’s important that you analyse how
truthful, valid and reliable the source (person or system providing the information) is, and how reliable
the information being provided by that source is.
The following stages are significant to work through in the evaluation phase:
1. Source evaluation - you need to evaluate the source to see whether they are reliable.
2. Information evaluation - you need to then evaluate the information provided by the source, using
a grading matrix.
3. Data dissemination - you should then consider the handling and sharing of data once the
previous two steps have been taken.
Using ‘A,B,C,D,E’ you can put the source into different gradings to measure how reliable it is. Then go
on to the information the source is supplying and follow a numbered scale to further test the validity of
the data. As a result, you should then have two measures of how you can qualify/validate the source and
data.
Measure of source: A, B, C, D, E
Measure of Information: 1,2,3,4,5
Data dissemination is the next area to focus on. You need to consider the potential risks of sharing the
data you now have that can be validated, quantified or qualified.
Phase Four: Analysis
Sometimes referred to as the ‘processing phase’; the analysis phase consists of the evaluation of the
information you have collected, in order to understand it. This is when you should query the raw data and
information you have collected in the previous steps, in order to come to a conclusion that fulfils the
information requirement. In order to do so, analysts must understand the problem in detail and know
exactly why the information is required, and how it will be used.
This phase is focal to problem solving, as the more available information you have gathered, the stronger
your understanding will be of the situation. During this phase, you need to spend time looking at all of the
information available to help determine its meaning, and then analyse it applying different lenses to derive
the meaning. This phase draws to a close by concluding assessments from the data you have collected,
often in the form of recommendations or advice.
Phase Five: Dissemination
The final phase of the intelligence cycle is the ‘dissemination phase’. This phase is important as it focuses
on the presentation and delivery of the intelligence, and allows you to form the intelligence and
assessment together to answer your initial information requirement. During the dissemination phase, your
main focus should be the method that gets the information across the most effectively. The
intelligence is best disseminated in either:
• An oral briefing - this enables the analyst to provide a more in-depth overview of the intelligence
and findings providing much more detail through questions. It also means the information can be
broken down in a more understandable way.
• Written form - this form allows the intelligence to be disseminated to the client/customer to digest
at their own discretion.
Once all of these phases have been completed, you have covered every aspect of the intelligence cycle
and should have come to a conclusion that matches up to the aims you set out in the initial direction
phase. If you feel you haven’t achieved the objectives you set out, you need to figure out which phase
needs to potentially be revisited to help you gain the result or information you require.
About the Author
Alan Blaney is the managing director of Focus
Training and specializes in providing businesses
worldwide with fraud prevention, intelligence and
cyber security training. With over 20 years of
experience within the cyber security industry, Focus
Training have established themselves as the UK’s
leading providers of fraud, theft and security training
courses.
Alan can be reached online at https://www.linkedin.com/in/alanblaney1/ and at our company website
http://www.focustraining.co.uk/
You can also view our infographic series on the Intelligence Cycle here - http://blog.focustraining.co.uk/
Cyber Defense and Cultural Heritage
By Milica D. Djekic
Let’s look back several centuries in the past and try to imagine what technologies the people of that time
might have used in their lives. If we inspect some representative archeological sites, we would notice
that the common people of the period might have applied the dishes and tools typical for their area as
well as their period of the history. Also, there would likely be other indications about their habits, activities
and routines, perhaps even in written form using some alphabet or characters.
From that point of view, it may appear that humankind has led a vigorous and exciting life throughout
history even if they did not know anything about the electricity or cyber technologies we know today. Even
life illuminated by candles is not necessarily a dull one, but rather full of events, thoughts and emotions,
as sometimes shared in someone’s diary or personal book. It would seem that folks who lived before us
have left us the real treasure of valuable objects, witnessing and memories that would nowadays be
widely used in historical movies and the other epic documentaries. Still, it’s widely believed that only
today do we live at a fast pace and that’s the reason to see our predecessors as less active than we are in
the present.
The fact is that life has been both active and hard at all times. It is well-known through the history of the
entire world that life has been turbulent and full of migrations, wars and conflicts. Sometimes it’s quite
interesting to consider the weaponry of your fathers and figure out how skill-intensive their training must
have been. Apparently, in comparison to today’s endeavors the activities of the past could be looked upon
as funny and childlike, but there could have been entire engineering teams of yesterday that would be
capable of designing a wide range of tools, buildings and houses. As Charles Darwin would suggest, the
only thing that would separate us from the other primates is our mental evolution that would make us
the most superior species on the planet Earth.
On the other hand, if we observe these things from today’s perspective – we can realize that even now
we are still in a phase of our development and there are a lot of questions in our surroundings that should
get answered. The fact is every new answer would open up a new question and as we progress our
Pandora’s box would get bigger and bigger. Simply try to remember Arthur C. Clarke and his Space
Odyssey giving such daring prognoses about what we can expect in the future. Maybe his brave
predictions will turn out to be true in our own time, but if we try to deal with future millennia we would
see that those times could bring us many more fascinating discoveries such as teleporting machines, time
traveling devices as well as the abilities to cruise at the speed of light.
With this perspective, try to compare your current tablet or Smartphone with those projections and figure
out how the people of the future might see our rapid-pace lives and believe that we are living in such a
progressive period of time. If we really get the capacity to create a time machine, everything we have
today would seem as naive and childlike as is now the case with our modern perspectives about our
past. In other words, once we start conquering the Galaxy probably our third rock from the Sun would
appear as one huge archeological site that would offer amazing cyber technologies as its cultural
heritage. The imagination could lead us so far away and as we have the regions on our planet dealing
with cultural and historical diversity – in a few millennia ahead we could talk about our planets and satellites
that would also offer us the world of the colorful nature. The human mind has limitless capabilities and
it’s quite clear that nothing will remain static in the coming times, so that’s why we need to get prepared
for the future.
What is cultural heritage?
If we talk about cultural property, we have in mind any object based on its historical and artistic value.
Cultural heritage is an ongoing security topic and the big policing networks such as Interpol would fight
against any crime against those priceless values. There would be entire organized crime groups trying
to get possession of those objects and try to smuggle them all over the world. That’s quite a big challenge
to the defense community, so those cases would usually be subject to the applications of the emerging
technologies that would provide us ways to better tackle this kind of offense. Unfortunately, current
punishments to deter anyone from committing such a crime are so weak that many people decide to take
this very small risk, in comparison to a large potential profit.
Even objects from World War II would have high historical value and so many wealthy
collectors would like to have them in their private collections. Such selfish collectors would expend time
and money to obtain such a priceless piece of the history, leaving no chance for the rest of the society to
enjoy those collections in their galleries, museums or exhibitions. In our opinion, that’s something that
should be prevented by using an intelligent security strategy. So many people through the ages have
taken part in building our history, and all human society deserves to have access to these historical
artifacts.
Looting or inside theft - what is the difference?
The loss of valuable pieces of history from our communities tends to rely on two well-known methods:
looting and inside theft. Looting is any violent or surreptitious way of stealing something, while insider
threats are usually correlated with corruption and cybercrime.
In many poor and developing regions, there appears to be a high level of corruption in almost every
segment of their societies. The role of law enforcement is to recognize and consequently resolve those
cases on behalf of the community. However, in many criminal justice systems the punishments for someone
stealing cultural items may be only a few years in prison, so the risk is minimal and the income from such
activities can outweigh the risk of punishment.
From another perspective, the point is not only to punish someone for illegal trading, but also to issue a
stern warning to everyone who might consider this kind of illegal activity. Beyond that consequence, if
there is no one who would purchase stolen objects, there would be a better chance to reduce and even
prevent those criminal scenarios from ever happening.
Could cybercrime drive those operations?
Beyond using looting or insider tactics, thieves could well rely on cyber attacks to conduct fraudulent
purchases and delivery of culturally significant items. However, once the theft is discovered, law
enforcement entities would conduct the investigation by gathering as many clues as they can. Assuming
those criminal activities are well-planned and intelligently coordinated, searching through cyberspace
could bring some results. For instance, the typical scenario would suggest that many possible targets
would be monitored from the outside before anyone decided to make any move on them. In turn, that
could be the critical basis for findings by the investigators.
Some Cases from Law Enforcement Practice
Generally, careers in Law Enforcement mean a lifelong learning process. Modern times are flooded with
stories of insider threats and cases where criminal actors get active in many cultural heritage institutions.
Those criminals use a wide spectrum of tactics and strategies to obtain what they want to obtain. All
those operations tend to be coordinated from the outside using emerging technologies.
Basically, there are some recommendations and instructions on how to handle such an investigation.
However, in the opinion of this author, we still need more updates of the best practices in preventing
those crimes. The law enforcement officers doing such a task are well-trained and specialized to manage
this risk, but there is still a huge need for resources and studies on how to perform this law
enforcement function in a less time-consuming manner.
Ways of Protecting Valuable Objects
Every new crime seems to demonstrate something new. In many cases, it does not matter how much
you know – you still need to start from the beginning and accept that there is strong need to learn about
the unique aspects of the case at hand. In our belief, the fundamental ways to assure the safety of
cultural heritage include strict application of the provisions of the law and regulations. In addition, it is
important to institute well-defined and highly tested physical security procedures and policies. Again,
the dual objectives are to punish those who break the law and to deter those who may be considering
criminal actions.
Some final thoughts
Through the perspective of cultural heritage, we can see the meaning of life in historical eras and also
better understand the world we live in today. These physical properties belong to all of us and not only to
some privileged individuals who are ready to pay well for personal ownership of a piece of the past. So,
as our tablet might become a priceless part of today's history tomorrow, even someone's everyday dishes
could keep the secrets of a housewife of the past who used them to feed her family. For such a reason
we should figure out how our entire past should be appreciated and secured in order to bring light and
appreciation to future generations.
About the Author
Milica D. Djekic is an Independent Researcher from
Subotica, Republic of Serbia. She received her engineering
background from the Faculty of Mechanical Engineering,
University of Belgrade. She writes for some domestic and
overseas presses and she is also the author of the book
“The Internet of Things: Concept, Applications and Security”,
published in 2017 by Lambert Academic
Publishing. Milica is also a speaker with the BrightTALK
expert’s channel. She has been a member of ASIS
International since 2017 and a contributor to the Australian
Cyber Security Magazine since 2018. Milica's research
efforts are recognized with Computer Emergency Response Team for the European Union (CERT-EU)
and EASA European Centre for Cybersecurity in Aviation (ECCSA). Her fields of interests are cyber
defense, technology and business. Milica is a person with disability.
Tax Season Is Here. So Are the Scams.
By Eric H. Perkins, Sr. Security Risk Analyst, Edelman Financial Engines
While two things are said to be certain in life (death and taxes), one could argue there is also an
overwhelming desire to separate fools from their money. This year, like every year, is no exception. In
fact, the IRS continues to warn of scams targeting taxpayers via cyber related methods that range from
conventional to cutting edge.
Even if you take protecting your sensitive data seriously, the negligence of others may have inadvertently
placed you in harm's way. Remember the Equifax breach in 2017? How about the record setting Capital
One breach just last year? The underlying point here is that when data breaches (of any size) are
combined, the data sets can merge to create “rich profiles” which provide a 360-degree view of
individuals; including their employment and education history.
This is significant because when leveraged by cyber criminals, the data (which includes scores of related
accounts linked to each other) could be used for highly effective targeted phishing attacks, business
email compromises, and the most cumbersome threat of all to remediate - identity theft.
Identity theft, or more specifically tax-related identity theft, is when a threat actor uses a stolen Social Security
number to file a fraudulent tax return. While this is a straightforward process, unfortunately, there are no
obvious early warning signs of the attack. However, to help protect you against such potential threats, a
small list of the most popular tax related scams is highlighted below to help keep your tax return safe and
secure this season.
Phishing
The most prolific solicitation of tax related scams stems from phishing related communications. Keep in
mind, communications are not just limited to email. Threat actors now leverage Bluetooth, SMS (text
message), and social media (Facebook, Twitter, etc.) as alternative and extremely viable solutions for
distribution.
How to protect yourself: Be critical of any electronic communications you receive purporting to be the IRS
and never click on any links requesting you to take action. Remember, the IRS will never initiate contact
for personal information and always communicate via mailed letters.
Telephony
Using sophisticated software, scammers call from phone numbers that appear to belong to the IRS and
demand an immediate payment (for a variety of reasons) by intimidating you into making a rash decision.
In addition to the unwanted pressure, they have been known to ask for funds via gift cards or wire
transfers.
How to protect yourself: Know that the IRS will never phone you or show up at your door to demand an
immediate payment, especially via gift cards or wire transfer. If needed, you can either call the IRS directly
or visit irs.gov/balancedue to review your account balance (if applicable).
Identity Theft
With troves of sensitive data waiting to be purchased from the dark web, threat actors can leverage your
personally identifiable information (PII) and use it to apply for tax refunds, often using fabricated
income to inflate the refund.
How to protect yourself: Filing early is always recommended. By filing early, scammers will be unable to
file a fraudulent return in your name. If you receive an IRS notice about a duplicate return, respond
promptly but do so in a safe manner, i.e. do not click on links.
In summary, the IRS doesn't initiate contact with taxpayers by email, text messages, and/or social media
channels to request personal or financial information. If you know or think that you’re a victim of tax-related
identity theft, the IRS recommends you contact them immediately. The FTC also requests you file
a complaint via their website, in addition to placing fraud alerts with all three major credit bureaus.
About the Author
Eric H. Perkins is currently the Sr. Security Risk Analyst for
the largest independent investment advisory firm in the
Nation. Before joining Edelman Financial Engines, Eric
began his career in network security while serving as an
active duty Information Security Officer in the US Army both
in country and while deployed to Afghanistan. Eric holds
numerous IT certifications to include CISSP and is a
relentless advocate for security awareness. Eric can be
reached at eperkins21@protonmail.com or online at
https://www.linkedin.com/in/erichperkins/.
Predicting the Direction of The PAM Market In 2020
A Look at What is Next on the Horizon for Securing Organizations’ Privileged Accounts
By James Legg, President and CEO, Thycotic
As each year passes, we analyze the successes and failures of the cybersecurity industry, knowing full
well that we can’t stress enough the importance of securing access to data. Cybersecurity is only going
to continue to increase in criticality, and with each breach we are reminded how serious cyber incidents
can be. The DoorDash breach affected nearly 5 million people. Almost 12 million people had their
personal information accessed by a cybercriminal who infiltrated Quest Diagnostics. The average cost of
a data breach is approaching $4 million, but some reports say the Capital One breach could cost the
company upward of $100 million. These are just a few examples of the hundreds of data breaches that
occurred in 2019.
Even with the constant news of attacks and the growing cyber awareness in the IT industry, criminals are
still successfully penetrating organizations of all sizes and sectors. Most of the time, they accomplish this
by targeting the victim organizations’ privileged accounts. Analysts at Forrester Research say 80 percent
of data breaches involve the theft of the credentials that access these privileged accounts. These
accounts allow users the “privilege” of accessing them, and the various capabilities, systems,
applications, etc. they control. This access is at the center of organizations’ networks, infrastructures and
overall IT environments. As you probably expect, access to all this gives the user, authorized or not, great
power within the environment — hence why it is the top target of cybercriminals.
Since we know these accounts are the most powerful and frequent target of cyber attackers, the
responsibility falls on us, the Privileged Access Management (PAM) providers, to offer solutions that allow
organizations to secure their privileged accounts and the information and systems they access. With that
in mind, let’s take a look at where the PAM space is heading in 2020.
2019 was the year of Cloud transformation as many companies and governments began or completed
their shifts to Cloud environments. As a result, the market saw a major shift as the leading providers
turned their attention to delivering Cloud compatible PAM solutions. What will the shift be this year? What
trends can we anticipate for this crucial sector of cybersecurity in 2020?
Partnering with PAM
A growing theme we’re seeing in several aspects of the security industry is an increase in collaboration
from the various players of the market. While the PAM space is addressing the top target of cyber
attackers, there are almost countless gateways into organizations that need to be protected. To adopt a
common metaphor, securing an organization from cybercriminals is like securing a house from burglars.
Just as a house has several ways in — doors, windows, chimneys, etc. — so does an organization:
devices, the network, users and many more.
This is resulting in strategic partnerships that are bringing together specialized vendors. These
partnerships are producing toolboxes of products and services that secure multiple pathways and
dramatically reduce cyber risk. This is consolidating cybersecurity and providing organizations with full
lifecycle solutions. As budgets often remain tight, it’s critical for CISOs to find the most efficient
combination of solutions when securing their organizations because unfortunately, there is no such thing
as a “one and done,” “do it all” security product.
Improving IoT security
The Internet of Things (IoT) space is ripe for security innovation. While this technology is still relatively
new, the security adoption for these devices is dangerously behind.
In most cases, IoT devices are largely ignored by organizations after installation. This means they
typically rely on default passwords and configurations. Most often, when IT completes the routine updates
of the company’s devices (computers, smartphones, etc.) they forget about the other internet-connected
devices in their environments — such as smart TVs, which are located in many conference rooms. These
are connected devices and thus are entry points for cybercriminals.
This is a golden opportunity for PAM providers to lead the charge and develop the solutions to safeguard
these devices. In particular, password managers need to be offered to include all of the devices within
an organization’s environment. Until IoT devices are properly secured, the networks and other systems
they are connected to will be vulnerable to malicious cybercriminals.
Ransomware on the rise
Unfortunately, we are likely going to see a continued increase in ransomware. Due to the effectiveness
of these schemes, cyber attackers are recognizing that companies are often opting to just pay the
demanded ransom. Ransomware has been particularly lucrative for culprits targeting governments and
health care systems. Sadly, it’s easier for victim organizations to submit to the cybercriminal than to deal
with the fallout of the threatened malware attack. It is incredibly expensive and time consuming for a
company to deal with data loss, denial of service and other consequences. To make matters worse, even
when victim organizations comply, they only get access back 69 percent of the time, according to a recent
report from Proofpoint.
Ransomware is most often delivered through phishing schemes via email, pop-ups, and other casual
messaging. It’s relatively quick and easy for a cybercriminal to deploy and it only has to work (be *clicked*)
once to penetrate an organization’s security perimeter.
Looking ahead
We know that credentials and privileged access are the top target of cyber attackers, and while the market
has several solutions that can help organizations protect their credentials, criminals are only getting more
sophisticated. Every day, they are developing more advanced strategies and launching new types of
attacks. The challenge posed to us is to stay ahead of cybercriminals to reduce the risks to businesses.
This also means that we need to keep pace with the rest of the IT industry, so that when an organization
adopts new technology, the security for it is already available. There cannot be a gap that allows
cybercriminals to penetrate organizations before they have deployed proper security to integrate with
their new technology.
About the Author
James Legg, the President and CEO of Thycotic is
responsible for the day-to-day operations at the company.
He creates and executes growth strategies and initiatives
designed to propel Thycotic to the next level. James has
amassed over 25 years of managerial and sales
experience in guiding technology companies to
accelerated, sustained growth. Most recently, he served as
Executive Vice President and GM of Unitrends, Inc., after serving as CEO of PHD Virtual, acquired by Unitrends
in 2013. Previously, he served as Vice President of worldwide sales for Idera Corporation, and was Vice
President of sales at NetIQ Corporation, having come there via the acquisition of PentaSafe Security
Technologies, a remote access, vulnerability assessment and intrusion detection solution
James can be reached online at thycotic@luminapr.com and at our company website
https://thycotic.com/
Malware - A Cyber Threat for 2020
By Pedro Tavares, Founder of CSIRT.UBI & Editor-in-Chief seguranca-informatica.pt
We are facing a transition to a new decade. The maturity in the field of cybersecurity is growing, but a
wave of new risks from the previous decade is carried over to this new cycle.
Cyber threats have been continually improved by their operators, who increasingly use sophisticated
techniques to deceive victims and to evade protection systems such as antivirus, anti-malware
agents and firewalls. I'm talking about malware as a cyber threat in 2020.
In this digital era, every professional aims to design and plan a product safely. However, if the
company the professional works for struggles to align its priorities with the market over time,
the costs of a security incident can become catastrophic.
Some of the biggest threats in 2019 will transition to 2020 with a fully consolidated malicious infection
process. We can take a close look at the last quarter of 2019, where multiple security breaches were
announced.
A data breach is usually seen as the last step in a chain of malicious events that occur on specific
targets within a given threat group scope.
To corroborate this statement, we can look at the latest statistics for the third quarter of 2019, which
highlights a notable absence of one of the most worrying threats today, the Trojan banker Emotet.
However, this also created an opportunity for other malware that is less popular in the media.
These threat agents exfiltrate sensitive data from the infected machines, jumping between machines,
compromising organizations without leaving clues.
Through these pieces of malware, operators gain access to corporate infrastructures via deployed
backdoors. Since access is carried out with valid and legitimate access credentials (previously
exfiltrated), these accesses are marked as trustworthy because they are performed based on trusted
connections and devices - those devices that the protection and monitoring systems trust.
After long weeks of undetected compromise inside corporate networks, during which backup systems
and other systems available there are eliminated or corrupted in order to prevent successful data recovery, the
ransomware is then implanted to close the infection chain.
At this stage, operators are using ransomware if the target system offers information indicating that the
organization can pay the ransom. During 2019 Ryuk was one of the many choices of operators. It was
designed to change the ransom amount depending on how much it thinks the victim can pay.
Threat agents and products with evolved threat detection technology are playing a cat-and-mouse game.
The polymorphic and modular capacity presented by current malware makes the detection process
difficult, and in this case, it is also a user task - to know how to face these challenges. So, this is not just
a technology problem.
This is a crucial issue for 2020, as a threat of this nature could destroy a business with more than 20
years in the market.
Focusing on a doctrine of intensive training of company employees, including certifications within this
context, workshops, and even corporate awareness can be a measure, in the short term, to keep
professionals on the alert of the danger of these threats.
The same applies to cyber users in general. The benefits of cyber-education should be one of the major
focuses and goals for 2020. Just think that the biggest vehicle for the proliferation of malware worldwide
is still a simple email, where the responsibility is always on the side of the recipient and never on the side
who sends the message.
About the Author
Pedro Tavares is a cybersecurity professional and a
founding member and Pentester of CSIRT.UBI and
Editor-in-Chief of seguranca-informatica.pt.
In recent years he has invested in the field of
information security, exploring and analyzing a wide
range of topics, malware, ethical hacking (OSCP-certified),
cybersecurity, IoT and security in computer networks. He is also a Freelance Writer.
Segurança Informática blog: www.seguranca-informatica.pt
LinkedIn: https://www.linkedin.com/in/sirpedrotavares
Twitter: https://twitter.com/sirpedrotavares
Contact me: ptavares@seguranca-informatica.pt
VPNs - 2020 And Beyond
By Sebastian Schaub, Founder and CEO, hide.me
In the last 5 years, awareness of the need to protect data, encrypt communication and minimise data collection
has rapidly increased. Privacy and trust will be the main topics for 2020 - how do big corporations process
data, store it and potentially abuse it? Regulation has certainly been lacking for many years now and the
general public is playing catch up in the face of all the potential dangers. So what are some of the areas
to consider with an eye on the horizon?
Consumer Protection
There are a lot of threats in privacy that have to be addressed. Some governments have mandated
censorship, and having a device that is always connected requires the need for protection to be adopted.
There is a lot at stake when you consider a digital future - not least of all your personal data. Perhaps
this is the main reason that many people adopt a VPN; they want to secure all personally identifiable
information (PII) that they transmit online. However, we should clarify that when people use social media
and reveal information about themselves, this cannot be protected using a VPN; a VPN can only give
you an anonymous IP and encrypt your connection. Ultimately, the need for VPNs is increasing due to
rising cybersecurity threats which have, in turn, created a need and a strong desire to protect the
technology that consumers use today. In an internet era that’s rife with vulnerable and unsecured
hotspots, connecting to any Wi-Fi network presents a privacy issue and exposes much of a consumer’s
data without their knowledge. With the now widespread use of hoax Wi-Fi to fool users into connecting
to a network, hackers can have complete visibility over your browsing and data. There are currently
hundreds of millions of hotspots spread around the world and it is estimated that more than half of all
mobile traffic is being offloaded to Wi-Fi. This is music to a hacker’s ears because hotspots (think public
Wi-Fi especially) are soft targets when hunting for unprotected users.
This threat even exists on airplanes, in your home and on your employer’s Wi-Fi. The problem arises
when you choose the network you connect to. The hacker’s fake Wi-Fi has the same network name and
password, and once you connect, they can start attacking your device in less than five seconds. Millions
of businesses and people turn to VPNs to protect themselves because the encryption VPN technology
offers prevents prying eyes from seeing your data even if you are connected to a malicious network. As
mobile internet usage will undoubtedly continue to climb, mobile VPNs will also play a more important
role for consumers - the number of people using VPNs for their personal mobile devices is more than
likely to rise as VPN awareness spreads.
Privacy in The Future
When you consider the future of VPNs, it is useful to consider the evolution of privacy overall. On a global
level, it is clear that there is not much left in the way of privacy - perhaps the best example being the
Great China Firewall, but also in the U.S., where there is a resolution to let ISPs share private data. The
issue now facing the world is how to manage data privacy in the future, taking into account the need to
prevent data being used in ways which consumers find objectionable. There is always regulation of
course and we have already seen the introduction of GDPR, perhaps the most important change in data
privacy regulation in 20 years - but will it be enough to prevent a massive data leak?
Previous breaches, like those suffered by Equifax and also the Facebook/Cambridge Analytica scandal,
effectively allowed the identities of millions to be illegally bought and sold. These types of hacks have
driven considerable awareness to privacy and security, bringing consumer privacy to the forefront of
media around the world. It has also been a welcome boon for the VPN industry with numerous articles
outlining VPN technology and similar ways for consumers to protect themselves online. In this day and
age, there is also the challenge of a proliferating number of devices which all collect data for different
purposes. For example, where you are using the likes of Skype or Facebook, you are talking about the
transfer of data to a third party. People, generally, are not comfortable with their personal data being
compromised - they are interested in reducing any possible risk of data leakage. In light of all of this, the
VPN industry will continue to make sure that using a VPN is affordable and easy for everyone - perhaps
we will see devices coming off the shelves with a VPN built into the OS, automated and ready to go?
Censorship Around the World Boosts VPN Usage
In an age where governments are looking at ways to suppress and control their citizens, VPNs are
becoming a popular way to bypass internet censorship under such regimes. Paradoxically, those
countries that currently restrict VPNs (such as China and Russia) haven’t actually harmed industry growth
- indeed, they have put VPNs in the spotlight. When you have countries that create legislation effectively
outlawing VPN usage, this can backfire on the government - local citizens resist and it also
sparks a huge rise in media coverage (anti-government, pro-net-neutrality). When a country does decide
to introduce ‘online censorship’, the strategy is to block certain websites, news portals and popular social
media sites.
With the recent pro-democracy riots in Hong Kong for example, the authorities in question used tactics
such as blocking websites and cutting off access to the internet in an effort to maintain their (China-led)
regime. It is very likely that the authorities monitored the digital communications of those protesting - for
example, via communication apps, and they could have also used metadata from ISPs to monitor and
predict the activities of the protestors. Under such circumstances, protestors or concerned citizens, will
look to take all measures possible to protect their digital privacy. Using a Virtual Private Network (VPN)
is certainly a good way to do so. Since VPN services encrypt all data, the government can no longer
censor that connection, allowing users to access sites that would otherwise be blocked.
We live in a world where, increasingly, everyone (and everything) is connected. This digital future also
gives rise to unique problems and challenges. With people becoming more concerned about their privacy
and with some governments continuing to use digital censorship tactics, the growth of security platforms
such as VPNs will undoubtedly continue in the same vein.
About the Author
Sebastian is the founder of hide.me VPN and he has been working in the
internet security industry for over a decade. He started hide.me VPN 8
years ago to make internet security and privacy accessible to everybody.
Sebastian Schaub can be reached online at seb@eventure.my and at our
company website https://hide.me/en/
The Gap in Security - Data Centric Security
By Eric Rickard, CEO, Sertainty Federal Systems
What do the Coronavirus pandemic, 9/11 terrorist attacks, Boeing 737 MAX crashes, and the OPM data
breach have in common?
First, their root causes were known and preventable. Second, they resulted in substantial human loss of
life and privacy.
In most cases, Presidential panels were convened to affirm the root cause of their failures. Similarly,
Congressional hearings have or will be held to investigate why these disasters in-waiting were known but
not prevented.
Yet, the only catastrophe that has not been fully mitigated is the data breaches. The effects of Federal
data breaches continue unabated.
• 2015 - OPM data breach exposed PII of nearly 26M people, including biometrics and financial
data.
• 2018 - US Postal Service lost 60M customer records (1/5th of the US population)!
• 2 Feb 2020 – FBI arrests Raytheon Missile Systems engineer for giving laptop with sensitive
missile defense technology to China.
• 10 Feb 2020 - US DOJ just charged four Chinese military officers over the $800M Equifax hack
• Perpetual - The Department of Veterans Affairs and Department of Health have had data
breaches more frequently than other agencies in the Federal government.
The root cause consensus for the data breaches was network penetration and data exfiltration. Incredibly,
the experts missed the obvious. The actual root cause was the failure to employ self-protecting data
technology to render stolen data unusable and inaccessible.
Most experts agree that network cybersecurity protection does not guarantee data loss prevention and
data loss prevention does not prevent data misuse.
Over the past 4 years DHS has spent nearly $2B to protect Federal networks, but recklessly persists in
failing to protect exfiltrated or lost data. Sadly, they are not alone. The DoD and industry are negligent as
well.
This National data loss epidemic, like the Coronavirus, is completely preventable if Congress and the
Department Secretaries act now.
Barriers to Entry
Less than 15 years ago cloud computing was universally rejected as an immature and novel computing
environment that was too insecure for the Federal government. Today, it is the preferred computing
security solution, even for our nation’s most highly classified data. Similarly, the idea of self-protecting
data technology is treated like an unproven novelty that is too good to be true. After 10 years, self-protecting
data technology should be the nation’s preferred data security solution.
The projected impacts of implementing a self-protecting data solution in the Federal, DoD and industry
are staggering.
Financial Benefits
• $1T Industrial loss prevention over 10 years by permanently protecting industrial intellectual
property from digital espionage by foreign adversaries.
• $.5T DoD R&D loss prevention over 10 years from digital espionage.
• $7B per year in DoD cost reduction by protecting DoD data at the time of origination
Privacy, Regulatory Compliance and Audit Benefits
• Empowers consumers and businesses to control their most private data (HIPAA, GDPR, FERPA,
GLBA, ITAR, EAR, FIRRMA)
  o 25M Military, Civilian and Industry private records protected
  o 60M US Postal Service customer records protected
  o 15M VA health records protected
• Assured universal financial regulatory compliance with automated audit enforcement.
• Exposes personnel and actors who leak, steal, and proliferate stolen data.
National Defense Benefits
• Neutralizing China and Russia digital espionage – Protection of Federal and industry intellectual
property at the time of data origination defeats Nation-state adversaries forever.
• Defeat Insider Threat and Mistakes – accidental or deliberate data loss no longer poses threats
to national security
• Sustainable 1,000+% increase in DoD weapon systems resiliency
• 3+K US Military Service Members lives saved
Universal Business Benefits
• The data snitches on personnel and actors who leak, steal, and proliferate stolen data.
• Small Business Growth - Eliminates $100K per year of recurring regulatory compliance barriers
to entry for small DoD businesses
• Reduces businesses Data Loss insurance premiums and subsequent business risks
1000:1 Return on Investment
The estimated 10-year cost of deployment, refinement, testing and sustainment of a joint Federal and
Industrial self-protecting data solution is less than $500M per year – less than 1/1,000th the value of
the property and lives saved.
Key Takeaways:
All Data is Sensitive
In December 2019 the New York Times used cell phone data to track President Donald Trump in Florida
when he was with Japan’s Prime Minister Abe. All members of the President’s Secret Service protection
and advance team are known. No data is unimportant and all data needs permanent protection by its
owner.
Information is Power
Data used to be just numbers and letters. Today, with advanced analytics, data describes who we are as
a person and a nation. It reveals our character, our loyalties, our secrets and our intentions. In the wrong
hands our data becomes a weapon against us.
Cyber Criminals Beware
A self-protecting data solution does more than prevent information theft; it steals the advantage from the
thief. By denying adversaries the ability to access sensitive data, lives are saved, privacy is preserved,
and national prosperity is sustained through fair competition of commerce and ideas.
About the Author
Eric Rickard CEO, Sertainty Federal Systems
www.Sertainty.com
A veteran Defense and Federal Systems executive, with two US
Government appointments at the National Security Agency and
the Office of the Director of National Intelligence.
A View of How DDOS Weapons Evolved In 2019
By Anthony Webb, EMEA Vice President at A10 Networks
Throughout 2019, DDoS attacks continued to grow in frequency, intensity, and sophistication. However,
the delivery method of using infected botnets and vulnerable servers to perform crushing attacks on a
massive scale has not changed during that time. Unlike traditional security methods, where attackers
leverage obfuscation to prevent detection, the loud distributed nature of DDoS attacks creates
opportunities for defenders to take a more proactive approach by focusing on the weapon’s location.
Winding back, the first DDoS attack occurred in 1997 during a DEF CON event in Las Vegas.
The culprit was notorious hacker Khan Smith, who successfully shut down Internet access on the Vegas
Strip for over an hour. The release of some of this code soon led to online attacks against Sprint,
EarthLink, E-Trade, and many more organisations.
Fast forward to 2019 and AWS, Telegram, and Wikipedia were among the top victims of DDoS this year.
In fact, in September Wikipedia suffered what appears to be the most disruptive attack in recent memory.
The DDoS attack carried on for three days rendering the site unavailable in Europe, Africa and the Middle
East. The size of the attack was not made public, but it is clear that it was an old-style volumetric flood
designed to overwhelm the company’s web servers with bogus HTTP traffic. Given the protection that
sites employ these days, this suggests that it was well into the terabits-per-second range used to measure
the largest DDoS events on the Internet.
Similarly, the largest DDoS attack in Q1 2019 was 587 GB/s in volume, compared to 387 GB/s in volume
for the largest Q1 2018 attack. Also noteworthy is the fact that attacks above 100 GB/s increased 967
percent in 2019 versus 2018, and attacks between 50 GB/s and 100 GB/s increased 567 percent. Indeed,
Cisco estimates that the number of DDoS attacks exceeding 1 gigabit of traffic per second will soar to
3.1 million by 2021.
Here at A10 Networks, we have been tracking the state of the DDoS attack landscape and DDoS
weaponry and what we have found over the year is that IoT is a hotbed for DDoS botnets. Likewise, with
5G on the horizon, with its higher data speeds and lower latency, this will dramatically expand attack
networks as it presents an opportunity to increase the DDoS weaponry available to attackers.
In our latest Q4 report we found that the largest DDoS attacks have one thing in common – amplification.
With reflected amplification weapons, attackers leverage vulnerabilities in the UDP protocol to spoof the
target’s IP address and exploit vulnerabilities in servers that initiate a reflected response. This strategy
amplifies the attack by producing server responses that are much larger than the initial requests.
Other notable weapons include DDoS botnet weapons, where attackers leverage malware-infected
computers, servers, and IoT devices that are under the control of a bot herder. The resulting botnet is
used to initiate stateful and stateless volumetric, network, and application-layer attacks.
To gather these insights, our researchers obtain weapons intelligence by closely monitoring attack agents
under the control of botnet command and control, discovering malware innovations by deploying
honeypots and scanning the internet for exposed reflected amplification sources.
What we observed is that attackers have discovered a new IoT DDoS amplification weapon by exploiting
hundreds of thousands of internet-exposed IoT devices running Web Services Dynamic Discovery
protocol (or WS-Discovery) to amplify their attacks. In fact, nearly 800,000 WS-Discovery reflected
amplifiers available for exploitation were discovered in Q4 2019. Less than half of the WS-Discovery
hosts respond from port 3702 and the rest from high ports.
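For defenders, the practical question is whether any device on their own network is answering such requests. The following is an added example, not code from A10 Networks or the report: it scans flow records for internal WS-Discovery and SNMP responders that return far more bytes than they were sent, and it attributes replies by the request's destination port so that devices answering from high ports are still caught. The record layout, the 10.0.0.0/8 address space, the time window and the ratio threshold are assumptions, and the sample flows are constructed.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")            # assumption: our own address space
WATCHED = {3702: "WS-Discovery", 161: "SNMP"}  # UDP services named in the article
WINDOW = 5         # assumption: seconds after a request in which replies count
MIN_FACTOR = 10.0  # assumption: response/request byte ratio worth reporting

# Constructed sample flow records (not real traffic):
# epoch_seconds,src_ip,src_port,dst_ip,dst_port,protocol,bytes
SAMPLE_FLOWS = """\
1000,198.51.100.7,40000,10.0.5.20,3702,udp,180
1000,10.0.5.20,3702,198.51.100.7,40000,udp,9400
1001,198.51.100.7,40001,10.0.5.21,3702,udp,180
1001,10.0.5.21,51812,198.51.100.7,40001,udp,8800
1002,10.0.9.4,52000,10.0.5.22,3702,udp,650
1002,10.0.5.22,3702,10.0.9.4,52000,udp,1400
1003,203.0.113.9,33000,10.0.7.3,161,udp,90
1003,10.0.7.3,161,203.0.113.9,33000,udp,5200
1004,10.0.5.20,44321,192.0.2.53,53,udp,70
"""

Flow = namedtuple("Flow", "ts src sport dst dport proto nbytes")


def parse_flows(text):
    """Parse comma-separated flow records into Flow tuples, oldest first."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, sport, dst, dport, proto, nbytes = line.split(",")
        flows.append(Flow(int(ts), ip_address(src), int(sport),
                          ip_address(dst), int(dport), proto.lower(), int(nbytes)))
    # sorted() is stable, so records sharing a timestamp keep their input order
    return sorted(flows, key=lambda f: f.ts)


def find_reflectors(flows, min_factor=MIN_FACTOR):
    """Return internal devices that amplify external requests to watched ports."""
    state = {}  # (device, peer) -> byte counters for that conversation
    for f in flows:
        if f.proto != "udp":
            continue
        if f.dst in INTERNAL and f.dport in WATCHED:
            # Request reaching one of our devices on a watched service port.
            s = state.setdefault((f.dst, f.src), {
                "service": WATCHED[f.dport], "port": f.dport,
                "req": 0, "resp": 0, "last": f.ts, "high": False})
            s["req"] += f.nbytes
            s["last"] = f.ts
        elif f.src in INTERNAL and (f.src, f.dst) in state:
            # Reply to a recent request. The source port is deliberately not
            # checked: many WS-Discovery hosts answer from a high port.
            s = state[(f.src, f.dst)]
            if 0 <= f.ts - s["last"] <= WINDOW:
                s["resp"] += f.nbytes
                s["high"] = s["high"] or f.sport != s["port"]

    findings = []
    for (device, peer), s in state.items():
        # Internal discovery traffic is expected; only external peers matter.
        if peer in INTERNAL or s["resp"] == 0:
            continue
        factor = s["resp"] / s["req"]
        if factor >= min_factor:
            findings.append({
                "device": str(device),
                "peer": str(peer),  # with spoofing, this is the likely target
                "service": s["service"],
                "request_bytes": s["req"],
                "response_bytes": s["resp"],
                "factor": round(factor, 1),
                "replied_from_high_port": s["high"],
            })
    return sorted(findings, key=lambda r: r["factor"], reverse=True)


if __name__ == "__main__":
    for finding in find_reflectors(parse_flows(SAMPLE_FLOWS)):
        print(finding)
```

Devices reported here should have the service disabled or UDP 3702 and 161 filtered at the network edge; the internal discovery exchange in the sample is not reported because its peer is inside the network.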
Interestingly, China is the top drone hosting country, but Brazil hosts the most active attacking drones.
SNMP topped our tracked weapons category with 1,390,505. The report also identifies the top sources
of DDoS weaponry, and although the nature of DDoS attacks is distributed, we have found valuable
insights from where they originate. For example, we found higher concentrations where internet-connected
populations are most dense, i.e. China (739,223) and the USA (448,169). The report highlights
the top Autonomous System Numbers (ASNs) hosting DDoS weapons (Chinanet held
the number one position with 289,601), and we also found that mobile carriers hosting DDoS weapons
skyrocketed during this reporting period.
As indicated, DDoS attacks will only grow, and our quarterly findings certainly point to this being the case.
Organisations need to prepare themselves now before the next large-scale DDoS attack hits them.
Sophisticated DDoS threat intelligence, combined with real-time threat detection and automated
signature extraction will allow organisations to defend against even the most massive multi-vector DDoS
attacks, no matter where they originate. Actionable DDoS intelligence enables a proactive approach to
DDoS defences by creating blacklists based on current and accurate feeds of IP addresses of DDoS
botnets and available vulnerable services commonly used for such attacks. Take heed and ensure you
match your attackers’ sophistication with even better and stronger defences, otherwise you might find
that you are one of the ‘top’ DDoS casualties in 2020.
About the Author
Anthony Webb is EMEA Vice President Sales at A10 Networks. He is an
industry veteran with over 20 years of sales experience in the IT, Data
Communications, and Telecoms industries, having worked for companies like
Ixia Technologies, Juniper Networks, Siemens Enterprise Networks and
Cisco.
Anthony can be reached online at (awebb@a10networks.com) and at our
company website https://www.a10networks.com/
Network Security Must Keep Up with Video Surveillance
Systems’ Rise in Criticality to Public Safety and Security
in The Middle East
By Rabih Itani, the Middle East region security business head at Aruba, a Hewlett Packard
Enterprise company
The Video Surveillance market in the Middle East region continues to grow in double digit figures, driven
by the rise of security concerns accompanied by strict government regulations. To keep up with the
challenges imposed by these concerns and regulations, a reliable, always-on and secure network
capable of delivering quality high resolution videos is imperative to keep organizations safe.
The Middle East is one of the fastest growing markets for video surveillance systems. Research firm
MarketsandMarkets reports that a big driver for the increasing use of video surveillance systems globally
is in large part due to the increasing concerns for public safety and security, prompting deployment at
airports, malls, schools, office buildings, public places and so on. Nevertheless, the market dynamics are
rapidly changing with security cameras being more and more integrated with the IoT architecture to solve
for business use cases alongside security use cases, while Artificial Intelligence continues to enable
security capabilities related to behaviors and object recognition that have never been possible before.
These dynamics are raising the criticality of the video surveillance systems and consequently the
criticality of the network infrastructure that interconnects the ecosystem together.
Gone are the days when video surveillance networks got the least attention during the design phase,
yet were ironically the first to be blamed when the video stream disconnected, suffered jitter, or hackers got
through. Organizations are beginning to realize the importance of connecting their video surveillance
systems to secure and future-proof networks that they can simply trust.
Aruba, a long-term leader in providing secure network infrastructures, understands how to build mission-critical
networks, and as such it is aggressively positioning its lifetime-warranted Aruba 2930 family of
network switches to regional organizations that take security seriously. The Aruba 2930 family solves for
current connectivity requirements and prepares for future ones with its smart rate ports, 40Gbps uplink
options, and 60W Power-over-Ethernet as mandated by specific devices such as the PTZ cameras. In
terms of security, this family of switches furnishes built-in secure-boot hardware and built-in network
security capabilities and when additional network edge security and control is needed, these switches
integrate bi-directionally with Aruba Clearpass Network Admission Control to authenticate the connecting
cameras while authorizing the right access permissions for each. Moreover, Aruba Clearpass Device
Insight can be plugged in to leverage Machine Learning in order to accurately profile the connecting
devices, while continuously monitoring any profile changes. It is important to note that Aruba can enable
trust to be adaptive, as trust can be revoked at any time based on how devices behave while on the
network.
Video surveillance cameras, which are essentially IoT devices, are a major target themselves for
cybercriminals or are used by them as an easy door to access weakly secured networks. This pushes
networks to move from being merely a connectivity provider for the cameras, to be first line defenders.
This is where Aruba shines.
About the Author
Rabih is an ICT industry veteran with over 27 years of experience.
Rabih enjoys a track record of leading many of the first and largest
network and security deployments in the Middle East and has led this
region’s first transformation effort towards mobility defined systems
and processes. He joined Aruba in early 2012 as system engineering
manager for the Telco sector across Middle East and Turkey and rose
to manage the business in 2015. During this period, Rabih
successfully engaged with leading telecommunication providers and
positioned Aruba as a leader across the region in providing next
generation seamless and secure public Wi-Fi hotspot services.
Rabih can be reached online at (rabih.itani@hpe.com) and at our company website
https://www.arubanetworks.com
Shadow IoT Devices A Major Concern for Corporate
Networks
By Ashraf Sheet, Regional Director Middle East & Africa at Infoblox
Infoblox Inc., the leader in Secure Cloud-Managed Network Services, today announced new research
that exposes the significant threat posed by shadow IoT devices on enterprise networks. The report, titled
“What’s Lurking in the Shadows 2020” surveyed 2,650 IT professionals across the US, UK, Germany,
Spain, the Netherlands and UAE to understand the state of shadow IoT in modern enterprises.
Shadow IoT devices are defined as IoT devices or sensors in active use within an organisation without
IT’s knowledge. Shadow IoT devices can be any number of connected technologies including laptops,
mobile phones, tablets, fitness trackers or smart home gadgets like voice assistants that are managed
outside of the IT department. The survey found that over the past 12 months, a staggering 80% of IT
professionals discovered shadow IoT devices connected to their network, and nearly one third (29%)
found more than 20.
The global report revealed that, in addition to the devices deployed by the IT team, organisations around
the world have countless personal devices, such as personal laptops, mobile phones and fitness trackers,
connecting to their network. The majority of enterprises (78%) have more than 1,000 devices connected
to their corporate networks.
The amount of shadow IoT devices lurking on networks has reached pandemic proportions, and IT
leaders need to act now before the security of their business is seriously compromised.
Personal IoT devices are easily discoverable by cybercriminals, presenting a weak entry point into the
network and posing a serious security risk to the organization. Without a full view of the security policies
of the devices connected to their network, IT teams are fighting a losing battle to keep the ever-expanding
network perimeter safe.
Nearly nine in ten IT leaders (89%) were particularly concerned about shadow IoT devices connected to
remote or branch locations of the business.
“As workforces evolve to include more remote and branch offices and enterprises continue to go through
digital transformations, organisations need to focus on protecting their cloud-hosted services the same
way in which they do at their main offices,” the report recommends. “If not, enterprise IT teams will be left
in the dark and unable to have visibility over what’s lurking on their networks.”
To manage the security threat posed by shadow IoT devices to the network, 89% of organisations have
introduced a security policy for personal IoT devices. While most respondents believe these policies to
be effective, levels of confidence range significantly across regions. For example, 58% of IT professionals
in the Netherlands feel their security policy for personal IoT devices is very effective, compared to just
over a third (34%) of respondents in Spain.
Whilst it’s great to see many organisations have IoT security policies in place, there’s no point in
implementing policies for their own sake if you don’t know what’s really happening on your network.
Gaining full visibility into connected devices, whether on premises or while roaming, as well as using
intelligent systems to detect anomalous and potentially malicious communications to and from the
network, can help security teams detect and stop cybercriminals in their tracks.
In conclusion, awareness of the risk of shadow IoT devices has grown significantly, yet IoT devices
remain an open portal for cybercriminals looking to attack a network. It’s clear that regional businesses
are prioritizing safety, but they are still bogged down by a lack of skilled staff and the increasing number
of shadow devices connecting to their infrastructure. Because of this, network and security professionals
must actively manage the threat introduced by shadow devices and integrate new network security
solutions.
About the Author
Ashraf Sheet is Regional Director Middle East & Africa at Infoblox. He
has in-depth knowledge of technical & strategic IT solutions, especially in
the security and networking domain.
Ashraf can be reached online at (asheet@infoblox.com) and at our
company website https://www.infoblox.com/
The Hard Drive Secondary Market: The Sorry State of The
Industry
Why NextUse Hard Drive Quality Surpasses the Competition
By James Mannering, Hard Drive Product Manager at NextUse
Remarketing, the reselling of end-of-life or retired IT assets like hard drives, is an extremely competitive
and cost-sensitive industry. Thousands of companies all over the world buy and sell hard drives, including
brokers that simply act as a middleman connecting buyers and sellers. Oftentimes these drives have not
had the data wiped off them, have large amounts of bad sectors, or do not work at all. This is an industry
defined by the term “caveat emptor” (let the buyer beware), and it requires the use of payment methods
that can be refunded in case the product received is not what was advertised.
For example, we recently got a large shipment of hard drives that were supposed to be “tested, working.”
But it turns out that our equipment couldn’t even recognize the hard drives because they had been
degaussed and were essentially paperweights.
Most remarketers are simply that: they don’t recycle, and some don’t even have any data security or data
destruction capability, they just buy and sell drives. And in order to stay profitable in an industry with
constantly changing drive values and tight profit margins, they don’t invest a penny more than they have
to in hardware and software.
Among companies that do offer “data destruction” services, most do so without any certification, training,
oversight, or qualifications of any sort. Many simply drop the data-bearing drives into a shredder and
physically destroy them, which unnecessarily burdens a broken and overloaded global recycling system.
Although some vendors claim to “wipe,” “sanitize,” or “destroy” data, there is evidence that it isn’t done
consistently across the industry:
• In a Q3 2019 study, Blancco purchased 159 drives from professional sellers using eBay in the
U.S., UK, Germany, and Finland. All of the drives were “guaranteed” by the sellers to be cleaned
of all data. That wasn’t the case however: Almost half (42%) still contained data, with 15% of the
information being personally identifying information (PII) and/or corporate data.
• A Q1 2017 NAID study found PII, including credit card data and tax records, on over 44% of 250
hard drives purchased in the secondary market.
This gauntlet of shady, dishonest dealers pushing unpredictable and often unreliable product is what
companies face when shopping for working, clean drives. If you are considering the purchase of
remarketed drives (or selling your used SATA or SAS drives), make sure you work with a trusted provider
who has the necessary credentials and a solid reputation to avoid disappointment.
For your consideration, NextUse provides this information on our process and certifications. Simply put,
we specialize in data security and data destruction, with a state-of-the-art lab containing cutting-edge
systems and software that enable us to:
• Verify drive integrity
• Repair failed disks using the same equipment and methods as major OEMs
• Overwrite drives with any combination of characters in any sequence
• Verify that the original data is irretrievable
• Degauss or physically destroy drives when resale is not an option
NextUse holds a National Association for Information Destruction (NAID) AAA certification for sanitizing
data off numerous hard drive types in our facilities and at client sites. We are certified for all outcomes,
including leaving the drives reusable, disabling them from further use, and physically destroying them. At
a time when reuse is far more preferable to recycling, we’re ideally positioned to produce top quality
reusable drives.
When dealing with brokers and resellers I’m frequently told that they can source drives cheaper than
NextUse. I explain that our costs are slightly higher than the industry average due to our infrastructure
investment, our NAID-defined protocols, and the time, power consumption, and manpower needed to
achieve our standard: that no drive is resold unless it’s 100% working and wiped clean of data.
Clients keep working with us year after year once they recognize the quality of our product and the
positive impact on their:
• Reputation
• Revenue
• Client acquisition and retention
• Market share
Want to explore how we can help you with the purchase and sale of your hard drives? Visit our website
at nextuse.us to get started.
About the Author
James Mannering holds the titles of Data Security Specialist/
Enterprise and Consumer Sales at NextUse.
You can contact him directly at 603-601-8293 or
james.mannering@nextuse.us with any questions.
Smart Buildings
Understanding the Security Risk
By Andrea Carcano, Nozomi Networks Co-founder and CPO
Today many of the world’s most forward-thinking workplaces are deploying smart technologies into their
offices to help optimize functions, increase productivity and improve overall working life.
These new ‘smart buildings’ boast smart thermostats, which can measure the temperature of the building
and turn on the heating or the air-conditioning when required, as well as intelligent lighting, which can be
controlled remotely and adjusted to suit the time of day. When turning a building into a smart building,
one of the key attributes is taking the data from the technology deployed and using it to make intelligent
decisions.
Smart buildings can significantly improve the lives of those occupying them and can also play a key role
in helping the environment. However, as we have seen time and time again, when internet connectivity
is added to any piece of equipment, it becomes accessible from the outside and to intruders. This ultimately
means that when offices turn their workplaces into smart buildings, attackers have an even larger array
of entry points to attack the organization.
A world of opportunity for attackers
According to a report from IDC, Internet-of-Things spending is expected to reach $745 billion globally this
year. This shows just how popular smart technology is becoming, and not just among consumers.
Smart technology within buildings offers huge benefits and not just for occupants. It can also be used to
significantly reduce costs and reduce the environmental footprint of the building, by intelligently analyzing
data and understanding when, for instance, energy consumption can be reduced.
An example of this was recently reported in Forbes when it was revealed that the New York Times head
office in Manhattan managed to reduce its lighting power per square foot from 1.28 watts to 0.4 watts,
which is an energy saving of 70 percent. This was as a result of the media powerhouse implementing
smart technology to control lighting and sensor blinds, among other things.
However, along with the many benefits smart buildings offer, the convergence between operational
technology and IT systems that is required to support them also opens smart facilities up to an increased
threat of hacking.
If a hacker is able to gain access to a smart building it potentially presents a world of opportunities to the
hacker. For instance, because these new smart technologies are connected to the building’s IT network
they open up new entry paths into corporate networks. Attackers could use these new devices as new
ways in to install malware on the corporate network or recruit the devices into botnets or even launch
ransomware attacks against the organization.
This ultimately means that security for every single internet-enabled appliance, from lighting to
refrigerators, must be thought through before they are introduced into smart buildings.
Making security a priority
While most people would not look at their lighting or sensor blinds as attractive targets for attackers, the
fact that these appliances are connected up to corporate networks, which also connect to sensitive
information, means they are. Research and experience have shown repeatedly that when things are
connected to the internet, they become a target for malicious hackers. As a result, it is imperative that
smart building operators make security a priority.
To reap the full benefits of connectivity within smart buildings it is important that all networks and devices
are comprehensively accounted for and secured, as each device could be a potential entry point for
attackers. In addition to maintaining an up-to-date and accurate inventory of devices on the network, it is
also essential to ensure all software and hardware is updated with the latest patches and not hosting any
vulnerabilities which could be exploited by attackers.
Organizations should also train staff on the security threats and teach them about the dangers of email
phishing campaigns, including how to recognize malicious emails and attachments.
Finally, it is crucial for organizations to ensure that multiple levels of protection are in place – from
securing the network itself to monitoring it in real-time for anomalies that could indicate a cyber threat is
present.
Today’s smart buildings combine a variety of sensors, control systems, networks, and applications. While
these technologies are being introduced into workplace environments to improve efficiencies, help drive
down costs and of course improve our global environmental footprint, they also increase the attack
surface. As a result, the security of all new internet-enabled appliances must be thought through before they
are added to the network.
About the Author
Andrea Carcano is an expert and international leader in
industrial network security, artificial intelligence and
machine learning. He co-founded Nozomi Networks in
2013 with the goal of delivering a next generation cyber
security and operational visibility solution for industrial
control networks. As Chief Product Officer, Andrea defines
the vision for Nozomi’s products and is the voice of the
customer within the organization. In this role he draws on his real-world experience as a senior security
engineer with Eni, a multinational oil and gas company, as well as his academic research.
With a passion for cyber security that began in high school, Andrea went on to study the unique
challenges of securing industrial control systems. His Ph.D. in Computer Science from Università degli
Studi dell’Insubria focused on developing software that detected intrusions to critical infrastructure control
systems. His Masters in Computer Science from the same institution involved creating malware designed
to take advantage of the lack of security in some SCADA protocols and analyzing the consequences.
Andrea has published a number of academic papers, including one describing an early example of
malware targeting SCADA systems.
Andrea can be reached on LinkedIn at https://www.linkedin.com/in/andreacarcano/
or on twitter @andreacarcano and at our company website www.nozominetworks.com
What the Latest Enterprise Endpoint Security Survey
Shows Us: Big Concerns but Hope for The Future
By Jeff Harrell, Vice President of Marketing, Adaptiva
More bad news when it comes to IT security. The fourth annual Enterprise Endpoint Security Survey was
recently released, showing that just 17% of companies believe they have enough staff to handle security
correctly, and vulnerabilities continue to take a remarkably long time to fix, particularly without solutions
that meet their needs. These findings (and more) come as organizations face unprecedented threats.
So what’s going on?
Vulnerabilities on the Rise
Cybercrime is predicted to cost $6 trillion annually by 2021, with new threats becoming the number one
pain point for endpoint security buyers. Deloitte points out one reason for this is that as workforces
become more distributed and organizations are responsible for securing more devices, it becomes harder
and harder to secure the endpoint, calling it companies’ “weakest security link.”
Shoring up the endpoint is critical, however, because that’s where approximately 80% of cyberattacks
occur—and these attacks are increasing at a blistering pace. Research shows that between 2016 and
2017 there was a 600% increase in attacks against IoT devices alone. Any Google search can turn up a
multitude of other scary stats that underscore just how great today’s cyberthreat is and how it is expected
to get worse. But the bottom line is vulnerabilities at the endpoint are a tremendous concern, one that
must be addressed if organizations hope to protect their networks, IP, and customer data.
Current Solutions Don’t Solve the Problem
According to the annual Enterprise Endpoint Security Survey, IT professionals cited vulnerability
scanning as their top cybersecurity challenge. One of the reasons shared was that current vulnerability
management scanning solutions don’t solve their problems. In fact, they may increase frustration and
stress by generating reports of hundreds of vulnerabilities that teams can’t address in a timely manner.
Additionally, they suck up bandwidth and hinder network performance.
It’s not as though IT teams are throwing up their hands and pretending that vulnerabilities don’t exist,
however. Ninety-one percent of respondents indicated that “maintaining current, compliant security
configuration” is very or extremely important; they want to improve the speed and scale with which they
can address vulnerabilities—they’re just a bit hamstrung.
Staff Can’t Handle the Surge—And It’s About to Get Worse
But fixing the problem is not simple. In addition to the exponential increase in vulnerabilities and devices
managed, and the fact that vulnerability management solutions can hinder more than help, teams simply
don’t have the staff. Nearly two-thirds of respondents to the Enterprise Endpoint Security Survey
indicated that they struggle to keep up as their teams are stretched to the max, often limiting their ability
to handle security operations the way that they want or wish that they could.
Unfortunately, in light of internal staff shortages, their work is about to get harder. The survey reveals that
only 29% of companies will complete migration to Windows 10 before Microsoft ceases support for
Windows 7 on January 14, 2020. This means that potentially millions of endpoints will present openings
for cyberattackers to take advantage of an outdated OS that is no longer monitored and supported by
Microsoft and that also lacks the latest security features available in Windows 10. While 87% of
companies reported that they will have more than half of their systems running Windows 10, close may
not be good enough. It takes cyberattackers only minutes to wreak havoc. Given that it requires 52% of
organizations surveyed more than a week—and 22% more than a month—to remediate vulnerabilities
after they are discovered, this could spell big trouble.
Automation Must Be Part of the Solution
With staff being swallowed up trying to handle all of the threats and issues their organizations face, and
those threats increasing each day, something’s got to give. Significant talent shortages make finding
enough skilled IT workers to conquer these issues unlikely. And, even the best funded, best staffed
organizations are fighting a losing battle against the clock. It would be nearly impossible for humans alone
to write the code and execute remediations at the scale that they need to keep all endpoints up to date
100% of the time.
Automation has to be part of the solution. There have been knocks against it—from the time required to
learn how to use new solutions to the limits of present capabilities—but solutions are improving rapidly.
The next generation of vulnerability management solutions includes instant remediation capabilities.
Even if a solution could automatically remediate only 50% of issues, that would be a vast improvement
over the circumstances teams operate in today. It would not only accelerate the speed at which basic
issues are fixed enterprise-wide, it would also open up considerable resources to address more complex
issues in a timely manner.
While enterprise IT security faces a difficult road ahead, all is not lost. The intense commitment of existing
staff to fight cyberthreats coupled with exciting advancements in automation could ensure that the results
of next year’s survey look markedly different. Winning modern cyberwars will require man + machine.
About the Author
Jeff Harrell, vice president of marketing at Adaptiva, manages the
company’s marketing strategies and initiatives across a growing
range of products designed to assist global enterprises with
pressing endpoint management and security needs. With more
than 20 years’ experience, Jeff is known for his domain
knowledge, creativity, and vision as well as the ability to execute.
In his free time, Jeff can usually be found looking for birds through a pair of binoculars. For more
information, please visit https://adaptiva.com/, and follow the company on LinkedIn, Facebook, and
Twitter.
Meet Our Publisher: Gary S. Miliefsky, CISSP, fmDHS
“Amazing Keynote”
“Best Speaker on the Hacking Stage”
“Most Entertaining and Engaging”
Gary has been keynoting cyber security events throughout the year. He’s also been a
moderator, a panelist and has numerous upcoming events throughout the year.
If you are looking for a cybersecurity expert who can make the difference from a nice event to
a stellar conference, look no further: email marketing@cyberdefensemagazine.com
You asked, and it’s finally here…we’ve launched CyberDefense.TV
At least a dozen exceptional interviews rolling out each month starting this summer…
Market leaders, innovators, CEO hot seat interviews and much more.
A new division of Cyber Defense Media Group and sister to Cyber Defense Magazine.
Free Monthly Cyber Defense eMagazine Via Email
Enjoy our monthly electronic editions of our Magazines for FREE.
This magazine is by and for ethical information security professionals with a twist on innovative consumer
products and privacy issues on top of best practices for IT security and Regulatory Compliance. Our
mission is to share cutting edge knowledge, real world stories and independent lab reviews on the best
ideas, products and services in the information technology industry. Our monthly Cyber Defense e-
Magazines will also keep you up to speed on what’s happening in the cyber-crime and cyber warfare
arena plus we’ll inform you as next generation and innovative technology vendors have news worthy of
sharing with you – so enjoy. You get all of this for FREE, always, for our electronic editions. Click here
to sign up today and within moments, you’ll receive your first email from us with an archive of our
newsletters along with this month’s newsletter.
By signing up, you’ll always be in the loop with CDM.
Copyright (C) 2020, Cyber Defense Magazine, a division of CYBER DEFENSE MEDIA GROUP (STEVEN G.
SAMUELS LLC. d/b/a) 276 Fifth Avenue, Suite 704, New York, NY 10001, Toll Free (USA): 1-833-844-9468 d/b/a
CyberDefenseAwards.com, CyberDefenseMagazine.com, CyberDefenseNewswire.com,
CyberDefenseProfessionals.com, CyberDefenseRadio.com and CyberDefenseTV.com, is a Limited Liability
Corporation (LLC) originally incorporated in the United States of America. Our Tax ID (EIN) is: 45-4188465,
Cyber Defense Magazine® is a registered trademark of Cyber Defense Media Group. EIN: 454-18-8465, DUNS#
078358935. All rights reserved worldwide. marketing@cyberdefensemagazine.com
All rights reserved worldwide. Copyright © 2020, Cyber Defense Magazine. All rights reserved. No part of this
newsletter may be used or reproduced by any means, graphic, electronic, or mechanical, including photocopying,
recording, taping or by any information storage retrieval system without the written permission of the publisher
except in the case of brief quotations embodied in critical articles and reviews. Because of the dynamic nature of
the Internet, any Web addresses or links contained in this newsletter may have changed since publication and may
no longer be valid. The views expressed in this work are solely those of the author and do not necessarily reflect
the views of the publisher, and the publisher hereby disclaims any responsibility for them. Send us great content
and we’ll post it in the magazine for free, subject to editorial approval and layout. Email us at
marketing@cyberdefensemagazine.com
Cyber Defense Magazine
276 Fifth Avenue, Suite 704, New York, NY 1000
EIN: 454-18-8465, DUNS# 078358935.
All rights reserved worldwide.
marketing@cyberdefensemagazine.com
www.cyberdefensemagazine.com
NEW YORK (US HQ), LONDON (UK/EU), HONG KONG (ASIA)
Cyber Defense Magazine - Cyber Defense eMagazine rev. date: 01/03/2020
TRILLIONS ARE AT STAKE
No 1 INTERNATIONAL BESTSELLER IN FOUR CATEGORIES
Released:
https://www.amazon.com/Cryptoconomy-Bitcoins-Blockchains-Bad-Guys-ebook/dp/B07KPNS9NH
In Development:
Nearly 8 Years in The Making…
Thank You to our Loyal Subscribers!
We've Completely Rebuilt CyberDefenseMagazine.com - Please Let Us Know
What You Think. It's mobile and tablet friendly and superfast. We hope you
like it. In addition, we're shooting for 7x24x365 uptime as we continue to
scale with improved Web App Firewalls, Content Delivery Networks (CDNs)
around the Globe, Faster and More Secure DNS
and CyberDefenseMagazineBackup.com up and running as an array of live
mirror sites.
5m+ DNS queries monthly, 2m+ annual readers and new platforms coming…