Intelligence, Or Action?
What Do CISOs Really Need?

Posted by Greg Mancusi-Ungaro

Mon, Aug 22, 2016

 

Cyber threat intelligence (CTI) is all the rage.

Every day, it seems, there is another vendor offering a new fire hose of intelligence data, trying to meet the almost insatiable demand for data of CISOs and Security Operations Centers  These feeds promise ever-increasing quantities of all kinds of cyber stuff, from inside and outside the organization, the individual streams delivered to the analytical desks, SIEMs and SOCs for filtering, analysis and attempts at big data manipulation. For the largest enterprises, acquiring and analyzing this data can cost multiple millions of dollars a year.  And as the focus of these security investments centers on the data, very few teams have built expertise to actually mitigate the threats that are impacting their organizations every day.  Mitigation? Unfortunately, for many enterprises, that's tomorrow's problem...

Read More

Topics: cyber threats, analytics, CISO, InfoSec, Threat Intelligence, SOC, External Threat, mitigation, Ponemon

Marilee Philen, Senior Cyber Threat Analyst, To Speak At Atlanta Cyber Security Summit

Posted by Greg Mancusi-Ungaro

Thu, Mar 31, 2016

Marilee Philen, senior cyber threat analyst at BrandProtect, will be speaking at next week's Atlanta Cyber Security Summit .  She will join U.S. Assistant Attorney General, the Honorable John P. Carlin along with experts from the FBI, US Secret Service and other cyber security leaders in an all day exploration of emerging cyber threats related to new risks presented by Internet of Things, the vulnerabilities of big data and cloud computing deployments. The day will close with a discussion of the state of cyber threats and the strategies to combat them.

Philen is uniquely qualified to join in this discussion, she is an ex-USAF Intelligence Analyst, with a 20+ year career in intelligence collection, analysis, and reporting.

She has served with the U.S. Air Forces-Europe, U.S. Air Force Special Operations Command, and the U.S. Strategic Command Center (USSTRATCOM).

Read More

Topics: cybercrime, Internet Threats, cyber threats, OSINT, CISO, InfoSec, Internet of Things, Threat Intelligence

The Evolving Cyber Threat Environment: Why Your Business Needs External Monitoring

Posted by Greg Mancusi-Ungaro

Thu, Feb 11, 2016

Regardless of industry or market, CISOs are facing new classes of attackers, from sophisticated teams of hackers who want to obtain an enterprise’s lucrative customer data to activists who want to ruin a company’s reputation and fraudsters who imitate a brand for financial gain. Cybercrime has become organized crime and criminals are finding new ways to harm businesses and individuals on a daily basis.

Without being alarmist, depending on the size and notoriety of your company, it's not unreasonable to assume that while you are reading this, someone is working to pry private, sensitive data from your servers. CISOs must stay ahead of the curve to combat the rapidly evolving cyber threats that have resulted from an increasingly global and digital business landscape.

The Necessity of Regulatory Compliance

In addition to general security regulation put forth by governmental agencies in North America, certain industries have other regulatory bodies with which they must comply. For example, financial institutions in the U.S. must comply with FDIC and FFIEC regulations to help ensure the integrity of communications and online activity. On a global scale, foreign financial institutions with a large presence in the U.S. subject to those same U.S. regulations. However, compliance initiatives are not usually sufficient to stem security concerns.

To better understand potential security gaps, especially in regards to cyber threats beyond the perimeter, many enterprises have joined their industry’s ISAC organization, such as FS-ISAC, the premier security working group for financial services industry. Through organizations like this, and emerging ISACs and ISAOs, institutions and enterprises are able to pool knowledge and plan for the latest kinds of cyber threats, and implement robust threat detection architectures, controls and information sharing programs.

But even as organizations develop and implement strategies for staying ahead of the cybercriminals, they have been unable to solve their security problems – particularly when relying solely on in-house resources. Because of the massive costs and resource requirements necessary to build a team to detect and manage outside threats, outsourcing a portion of cyber security has become the norm for most companies.

Ensuring Security Beyond the Perimeter

A large North American firm with a global presence recently worked with BrandProtect to estimate the costs of protecting the firm (employees, assets, partners, reputation) from third party cyberattacks and brand abuse through a wholly in-house effort. It determined that it would have to assemble a team of at least six people and invest between $2 to $3 million annually to create coverage that at best would only attain a small fraction of the coverage that it enjoyed through its partnership with a security firm – in this case, BrandProtect.

A strong partnership with a security services provider effectively adds highly trained, deeply experienced cyber threat specialists to a firm’s existing security team without the need for additional training or technology investments. From phishing scams and domain abuse to mobile application fraud and sophisticated identity theft schemes, a dedicated managed service can provide multiple layers of threat detection, analysis, threat correlation, and threat mitigation. All day, every day, these services will patrol online sites and markets to discover and understand any threats to a business and unauthorized or infringing online content related to the firm or its employees.

An increased use of technology across all business models has led to more threat vectors than ever before, as attackers have exploited gaps formed by business being transacted digitally and employees having access to an organization’s data outside of its walls. As a result, cyber threats are moving beyond the traditional security perimeter, which is making it harder for organizations to detect potential attacks using existing perimeter-focused tools. Without the proper preparations, such as implementing holistic external monitoring and collaborating with security experts, organizations will struggle to detect and diffuse online threats. Forward-thinking CISOs are already adopting external monitoring to better protect their organizations, and that number will increase throughout 2016.

Will you be ready?

Read More

Topics: Security, internet security, cyber threats, CISO, InfoSec

Jeb Bush Has A Domain Problem.  Do You?

Posted by Greg Mancusi-Ungaro

Tue, Dec 08, 2015

That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence. Or is that the Trump team, laughing?  We can't be sure.  

The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)

Download the InfoGraphic

Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.

The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks. 

Game over.

When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse. 

How big a problem can it be?...

Read More

Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO

Subscribe to our weekly CyberThreat Digest

Each week, our Cyber Threat Analyst team prepares a digest of the latest cyber threat news and alerts. Subscribe today and begin receiving it on Monday.

 Get the Weekly CyberDigest

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all