By Vanessa Pegueros
There is an extraordinary amount of money and time spent on detection and response relative to cybersecurity, and much of this conversation is technology focused. This series explores a different aspect of incident response — the human being. Pegueros asserts that people ultimately orchestrate incident response and the care and development of employees should be at least as important as the development of technology, and she offers items to consider relative to developing the human elements of incident response.
Part Two – Recognizing Level One Trauma Within Your Organization
In my previous article, I discussed the need to focus more on the people-related aspects of incident response. In this piece, I will focus on how the human body responds to dangerous situations and the impacts of long-term trauma.
By John J. Masserini
MIAX Options CSO
By now, you’re probably well aware of the fate that recently befell the Brian Krebs site, KrebsOnSecurity.com. A Distributed Denial of Service (DDoS) attack in excess of 620 Gbps caused such a strain on one of the world's largest DDoS protection services that Krebs asked that his site fundamentally be black-holed until the storm passed.
What you may not have heard of is yet another attack a few days later on OVH hosting, which demonstrated a similar type of attack that reached almost 1 Tbps - almost a 50% increase over that which took the Krebs site offline. OVH also reported that over 145,000 devices were involved in the attack (https://www.hackread.com/ovh-hosting-suffers-1tbps-ddos-attack/).
By Bob Turner
University of Wisconsin-Madison CISO
The University of Wisconsin (UW) – Madison is the flagship campus in the UW System and a major research institution in a state with open record statutes that respect privacy while insisting on accountability.
Institutions within the UW System live by the Wisconsin Idea – the notion that what we learn and discover should be applied to solve problems and improve health, quality of life, the environment, and agriculture for all citizens of the state… and beyond.
This occasionally creates the need to really know where the important data is stored and a deep understanding of how that data is supposed to be managed.
By Mitch Parker
Academic Healthcare CISO
In this three-part series, Academic Healthcare CISO Mitch Parker shares his insights on ransomware, incident response and best practices for building a world-class prevention program. Read part one.
As a preamble to this list of key considerations and best practices, let me first say that all organizations should plan to be attacked. While there may be many solutions in the marketplace that claim to stop ransomware, eventually they will fail. There will always be an exception to the rule that will make it past your defenses and cause damage.
You need to be able to react, and not point the finger at a product for not protecting your network. You need to have Defense in Depth and comprehensive incident response and downtime plans for addressing your HIPAA/HITECH and Joint Commission requirements. Neither a solution nor a one-page document claiming the solution's protections will satisfy these requirements.
Security Current, the premier information and collaboration community by CISOs for CISOs, named ROMAD Cyber Systems the winner of its Security Shark Tank® Cupertino competition. The event brought security solution providers face-to-face with potential buyers.
Participating vendors were given 15 minutes each to pitch their solution to the panel of information security executives interested in innovative technologies. The executives scored each vendor based on innovation and vision, ease of use and implementation, value to the industry, and the presenter’s ability to clearly and effectively articulate their value and differentiator.
Maxim Integrated CISO Matt Hollcraft served as event host and panel moderator.
The CISO panel included:
Tom Baltis, VP & CISO, Blue Cross Blue Shield of Michigan
JP Calderon, CISO, The Clorox Company
Neil Daswani, CISO, LifeLock
Robert Duhart, Cyber Security Lead, Ford Motor Company
Ajit Gaddam, Global Chief Information Security Architect, Visa
Anshu Gupta, Director of Information Security, HelloSign
Mike Machado, CSO, RingCentral
Vanessa Pegueros, CISO, DocuSign
Regina Wallace Jones, Head of Information Security Operations, Facebook
Participating CISOs said a key benefit of participating in the Security Shark Tank was that it enabled them to engage with their peers as they learned about new technology.
“Security Shark Tank is a huge value to me. No other event I’ve found provides this much exposure to new technologies so conveniently,” said Hollcraft. “Add the opportunity to hear from my CISO peers about what technology they find interesting and how they are using various solutions, and this event is an all-around win.”
DocuSign CISO Vanessa Pegueros added: “It is so challenging to find the time to talk with vendors. Security Shark Tank is a great way to learn about new vendors while enjoying great interaction with peers.”
Security Shark Tank winner ROMAD Cyber’s patented genome sequencing technology profiles entire malware families enabling users to detect emerging threats. CISOs rated ROMAD highest in the areas of innovation and vision, and the importance of the challenge the technology solves.
“ROMAD’s technology is pretty interesting and innovative. Being able to genetically sequence the entire malware ecosystem to 100 or so active malware families and corresponding genomes is definitely a strong ‘DETECT’ and ‘PROTECT’ control. Instead of looking at the app or network layer, it is looking to treat the entire host as a sandbox and tracing different OS system calls,” said Ajit Gaddam, Global Chief Information Security Architect for Visa. “As they continue to mature the platform, it will be interesting to see how it plays out in large corporate environments and determine its efficacy.”
Ten CISOs from across industries share insight on the future of cyber insurance and tips for success.
Ten CISOs from across industries weigh in on the effectiveness of passwords, with most predicting that the days are numbered for the password as the sole authentication method.
A CISO's Guide to Principles of Data Privacy and Security
By David Sheidlower
In this conversation, MIAX Options CSO John Masserini discusses the threat detection and response space with AlienVault President and CEO Barmak Meftah.
An early adopter of threat intelligence, Masserini notes its challenges and asks Meftah what AlienVault is seeing in the market and how threat intelligence is being integrated into companies’ security organizations.
Meftah describes AlienVault’s crowdsourcing approach and how it is helping SMBs centralize and simplify their threat detection and response. They were speaking in this sponsored podcast at the Black Hat Conference in Las Vegas.